Zusy.446422 removal tips

The Zusy.446422 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.446422 virus can do?

Sample contains Overlay data
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Zusy.446422?


File Info:
name: D42D34D87E404AA93862.mlw
path: /opt/CAPEv2/storage/binaries/2e96b55980a827011a7e0784ab95dcee53958a1bb19f5397080a434041bbeeea
crc32: 957EC7CF
md5: d42d34d87e404aa93862a40e997f8f6d
sha1: 8ea71ea5177d46c9feea0e1cd19069a3441e1758
sha256: 2e96b55980a827011a7e0784ab95dcee53958a1bb19f5397080a434041bbeeea
sha512: 3d17176d804b555ff1ad180ec789c73012512bfa87732d39c9927a0b9a87051fb2e41923326cf12af3cfdaacee95ede6b63f704f565accebe4d5b08fd08ccb3f
ssdeep: 24576:w/iIzkQF+KpPnF1Fx+CszLyQ9lkxIQVki//47JhUhio7Z6OI93lGFtPtnNON+IjE:whBPrElwNkto7VINlGFtPtnwjjOaHo
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T160A5D002FBC28272E593057891B6A73F893BBB209734C5D7C7D10D698D312D26A3B7A5
sha3_384: 47360b933e7fde6196f2687ead5222e205ab1da2c9d5bb70862ea5d5fd0c1b433d1f6240537712c63ef3bb60c9c8c7d7
ep_bytes: e86c0c0000e97afeffffcccccccccccc
timestamp: 2022-09-28 10:11:08

Version Info:
0: [No Data]

Zusy.446422 also known as:

Bkav	W32.AIDetectMalware
CyrenCloud	W32/Filecoder.FX.gen!Eldorado
Lionic	Trojan.Win32.Mimic.j!c
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
FireEye	Generic.mg.d42d34d87e404aa9
CAT-QuickHeal	Ransom.Mimic.S29850133
Skyhigh	BehavesLike.Win32.Injector.th
ALYac	Trojan.Ransom.Filecoder
Malwarebytes	Generic.Ransom.FileCryptor.DDS
Zillya	Trojan.Filecoder.Win32.27137
Sangfor	Ransom.Win32.Mimic.Vi30
K7AntiVirus	Trojan ( 005987f71 )
Alibaba	Ransom:Win32/Mimic.1c26dec5
K7GW	Trojan ( 005987f71 )
CrowdStrike	win/malicious_confidence_100% (W)
VirIT	Trojan.Win32.Genus.LXP
Symantec	Trojan Horse
ESET-NOD32	a variant of Win32/Filecoder.Mimic.A
APEX	Malicious
ClamAV	Win.Ransomware.Mimic-10002067-0
Kaspersky	HEUR:Trojan-Ransom.Win32.Mimic.gen
BitDefender	Gen:Variant.Zusy.446422
NANO-Antivirus	Trojan.Win32.Mimic.jtgorm
Avast	Win32:RansomX-gen [Ransom]
Rising	Ransom.Mimic!1.EEEC (CLASSIC)
Ad-Aware	Gen:Variant.Zusy.446422
Emsisoft	Gen:Variant.Zusy.446422 (B)
F-Secure	Trojan.TR/Ransom.Mimic.aah
DrWeb	Trojan.Encoder.36115
VIPRE	Gen:Variant.Zusy.446422
Trapmine	malicious.high.ml.score
Sophos	Mal/Generic-S
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan.Scar.usk
Webroot	W32.Ransom.Mimic
Google	Detected
Avira	TR/Ransom.Mimic.aah
Antiy-AVL	Trojan[Ransom]/Win32.Mimic
Kingsoft	win32.troj.undef.a
Xcitium	Malware@#147v5dsakqt7u
Arcabit	Trojan.Zusy.D6CFD6
ViRobot	Trojan.Win.S.Ransom.2095627
Microsoft	Ransom:Win32/Mimic.MA!MTB
Varist	W32/Filecoder.FX.gen!Eldorado
AhnLab-V3	Trojan/Win.Generic.R512180
McAfee	Ransom-Mimic!D42D34D87E40
VBA32	TrojanRansom.Mimic
Cylance	unsafe
Panda	Trj/Chgt.AD
Tencent	Malware.Win32.Gencirc.10bd9db4
Yandex	Trojan.Filecoder!gMx/4YR4DTQ
Ikarus	Trojan-Ransom.Mimic
MaxSecure	Trojan.Malware.1466431.susgen
Fortinet	W32/Filecoder_Mimic.A!tr.ransom
BitDefenderTheta	Gen:NN.ZexaF.36608.@vY@aSmZA2gi
AVG	Win32:RansomX-gen [Ransom]
Cybereason	malicious.5177d4
DeepInstinct	MALICIOUS

How to remove Zusy.446422?

Zusy.446422 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X