Zusy.467915 removal

The Zusy.467915 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.467915 virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
CAPE detected the AsyncRat malware family

How to determine Zusy.467915?


File Info:
name: 1D6486C159E829324A79.mlw
path: /opt/CAPEv2/storage/binaries/9a3c9b0ece494a3b581a5fb300dcc1010ffd83904e12a4e90a0ca047ca7eba2a
crc32: CBFCDF4A
md5: 1d6486c159e829324a799490d17509f4
sha1: c4717ff9d4f4c2d5810121fb52a668b61bb8dafd
sha256: 9a3c9b0ece494a3b581a5fb300dcc1010ffd83904e12a4e90a0ca047ca7eba2a
sha512: 1cbb9f402783712d81c7a2c53c571d5ddac85cbe7a79f18f0c1f56c5ee5db8bb2a9f48d66f81d5cc84e132ebbf4c989cc968be7c06bdcede2b23103959f0dbed
ssdeep: 6144:h5ZFCqUv/LRSJ7eRLhXuAEufBAk0mAmTrkKHvrffueEYHpsqT0BtH5fXbCIDeib:h5/0L/PvDfumeqT0BtH5+CT
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11BE4CC037A489B00C978343A92FB2D2D63A1F9CB1771990FDF057B5B1DD62A69DCC24A
sha3_384: beba5f18dcde7ac7684253879807df91a192ec18c3e90f54b964855e4554cd5e565dff6371d5efcc8459524253b7bd7c
ep_bytes: ff250020400000000000000000000000
timestamp: 2020-05-10 05:24:51

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: 
FileVersion: 1.0.0.0
InternalName: Stub.exe
LegalCopyright: 
LegalTrademarks: 
OriginalFilename: Stub.exe
ProductName: 
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Zusy.467915 also known as:

Lionic	Trojan.Win32.Crysan.4!c
MicroWorld-eScan	Gen:Variant.Zusy.467915
FireEye	Generic.mg.1d6486c159e82932
ALYac	Gen:Variant.Zusy.467915
Malwarebytes	Backdoor.AsyncRAT
K7AntiVirus	Trojan ( 00575a901 )
BitDefender	Gen:Variant.Zusy.467915
K7GW	Trojan ( 00575a901 )
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	Gen:NN.ZemsilF.36250.Rm0@aKlj9qp
VirIT	Trojan.Win32.MSIL_Heur.A
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Agent.DEF
APEX	Malicious
Cynet	Malicious (score: 100)
Alibaba	Trojan:MSIL/KeyloggerX.c87eb468
F-Secure	Trojan.TR/Dropper.Gen
VIPRE	Gen:Variant.Zusy.467915
TrendMicro	Backdoor.Win32.ASYNCRAT.YXDE5Z
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
Avira	TR/Dropper.Gen
Antiy-AVL	Trojan[Backdoor]/MSIL.Crysan
Arcabit	Trojan.Zusy.D723CB
ZoneAlarm	HEUR:Backdoor.MSIL.Crysan.gen
AhnLab-V3	Malware/Win32.RL_Generic.C3558490
Acronis	suspicious
MAX	malware (ai score=86)
Cylance	unsafe
TrendMicro-HouseCall	Backdoor.Win32.ASYNCRAT.YXDE5Z
Tencent	Win32.Trojan.Dropper.Pnkl
Ikarus	Trojan.MSIL.Agent
Cybereason	malicious.159e82
DeepInstinct	MALICIOUS

How to remove Zusy.467915?

Zusy.467915 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X