
Zusy.452861 (B) (file analysis)


Zusy.452861 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Zusy.452861 (B) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Creates a copy of itself
  • Deletes executed files from disk

How to identify Zusy.452861 (B)?

File Info:

name: 52CD43440EAB67B5FFED.mlw
path: /opt/CAPEv2/storage/binaries/42dc291617e238cd7fd389297237cf1e4348f6164408a6d5bb631a5e9245d5ed
crc32: A6E02535
md5: 52cd43440eab67b5ffede652597b60bc
sha1: 47bfb16a28c38bb4240f20b6a415b6c11040a6cd
sha256: 42dc291617e238cd7fd389297237cf1e4348f6164408a6d5bb631a5e9245d5ed
sha512: 21c2e7cdf854d1f4c9fd7e39094a64110987b288f19e57cbfce5b0f57b19dc035f64ebac627f8f34da4e2afe0ee2a003c0e2696dee58f980fddea41c31bdac54
ssdeep: 3072:T+QqbHg7Ku/Izpi+R+t0kOnCBdi9QLoHj2vpW9yRZmECYNiUa/d:TZqbIhIzc+Ujq9QM2YsRZVZ5aV
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1D5F3E12FF3441FB3C58203B52A1B59C1B779907C237AC6A254A8811D2357F9CABBB191
sha3_384: 9ce8466d23af909bd5a20c38eb0344f89c1417d917c5b0516d4961626a4479c29db6d5305e0f0bf907c3257e4ef27d03
ep_bytes: 68000000005a83ec0489342421c081c0
timestamp: 1975-06-24 00:00:00

Version Info:

0: [No Data]

Zusy.452861 (B) also known as:

  • Lionic: Trojan.Win32.Copak.4!c
  • DrWeb: Trojan.Siggen20.25524
  • MicroWorld-eScan: Gen:Variant.Zusy.452861
  • FireEye: Generic.mg.52cd43440eab67b5
  • McAfee: Glupteba-FUBP!52CD43440EAB
  • Cylance: unsafe
  • VIPRE: Gen:Variant.Zusy.452861
  • Sangfor: Suspicious.Win32.Save.a
  • K7AntiVirus: Trojan ( 005304e81 )
  • Alibaba: Trojan:Win32/Copak.99641c2f
  • K7GW: Trojan ( 005304e81 )
  • Cybereason: malicious.a28c38
  • BitDefenderTheta: Gen:NN.ZexaCO.36196.j8Z@ampUwR
  • Cyren: W32/Injector.BKX.gen!Eldorado
  • Symantec: ML.Attribute.HighConfidence
  • Elastic: malicious (high confidence)
  • ESET-NOD32: a variant of Win32/Kryptik.HTAQ
  • APEX: Malicious
  • Paloalto: generic.ml
  • ClamAV: Win.Packed.Razy-9874933-0
  • Kaspersky: Trojan.Win32.Copak.svfl
  • BitDefender: Gen:Variant.Zusy.452861
  • NANO-Antivirus: Virus.Win32.Gen.ccmw
  • Avast: Win32:Evo-gen [Trj]
  • Tencent: Malware.Win32.Gencirc.10be7563
  • Ad-Aware: Gen:Variant.Zusy.452861
  • Emsisoft: Gen:Variant.Zusy.452861 (B)
  • F-Secure: Trojan.TR/Crypt.XPACK.Gen
  • Zillya: Trojan.Kryptik.Win32.4112268
  • TrendMicro: TROJ_GEN.R03BC0PD523
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
  • Trapmine: malicious.high.ml.score
  • Sophos: Mal/Generic-S
  • Ikarus: Trojan.Win32.Injector
  • GData: Gen:Variant.Zusy.452861
  • Google: Detected
  • Avira: TR/Crypt.XPACK.Gen
  • MAX: malware (ai score=84)
  • Antiy-AVL: Trojan/Win32.Kryptik
  • Xcitium: MalCrypt.Indus!@1qrzi1
  • Arcabit: Trojan.Zusy.D6E8FD
  • Microsoft: Behavior:Win32/QbotMod.A!MTB
  • Cynet: Malicious (score: 100)
  • VBA32: BScope.Trojan.Wacatac
  • ALYac: Gen:Variant.Zusy.452861
  • Malwarebytes: Malware.AI.698008478
  • TrendMicro-HouseCall: TROJ_GEN.R03BC0PD523
  • Rising: Trojan.Injector!1.C865 (CLASSIC)
  • SentinelOne: Static AI – Suspicious PE
  • MaxSecure: Virus.Sality.AA
  • Fortinet: W32/Injector.DZQA!tr
  • AVG: Win32:Evo-gen [Trj]
  • DeepInstinct: MALICIOUS
  • CrowdStrike: win/malicious_confidence_100% (W)

How to remove Zusy.452861 (B)?

Zusy.452861 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
