Zusy.469311 removal tips

Zusy.469311 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Zusy.469311 virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Greek
  • Authenticode signature is invalid
  • Behavioural detection: Transacted Hollowing
  • Deletes executed files from disk
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Zusy.469311?

File Info:

name: 4AF285BC7DA723C9024B.mlw
path: /opt/CAPEv2/storage/binaries/b5bd2516b54505a8e4eb48b0543f90f9878e2e7f20976c9f0a73892439754ab0
crc32: 751CBABF
md5: 4af285bc7da723c9024b4d093831c7a9
sha1: 4517cd1641db3e0c22f65e2789b72d0d6cfbe9ee
sha256: b5bd2516b54505a8e4eb48b0543f90f9878e2e7f20976c9f0a73892439754ab0
sha512: 08886352db10f9dbc41245edcbeeaab9c46bdb3ac867322fdb46db1d0f10c085606f1b96c5e820290cb2fb19937a57bc33ac1e3b95f3dd6bc893b0e0df5c19d4
ssdeep: 49152:Zn6cy65vxoplf4UZhiabLK1DdxmHTO8g5At9TcCCxu226sxz6vKgMkH18gl38u5f:B6cyw5opl/YabL+DvmRHtiyaaMX4E9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BF268E31B64BC42BD66201B0196C9A9F92287F761BB654C773CC2E6E1BB44C31736E27
sha3_384: af809a6606ca87b85cace6444935a675f27fe58c3f7cd62a0e848e7ea824ea0d13b5b2964818f7980e2e6766127ed5c3
ep_bytes: e846060000e97afeffff8b4df464890d
timestamp: 2023-04-27 07:45:36

Version Info:

CompanyName: Η εταιρία σας
FileDescription: Η εφαρμογή σας Installer
FileVersion: 1.0.0
InternalName: 2
LegalCopyright: Copyright (C) 2023 Η εταιρία σας
OriginalFileName: 2.exe
ProductName: Η εφαρμογή σας
ProductVersion: 1.0.0
Translation: 0x0408 0x04b0

Zusy.469311 also known as:

MicroWorld-eScan: Gen:Variant.Zusy.469311
FireEye: Gen:Variant.Zusy.469311
ALYac: Gen:Variant.Zusy.469311
VIPRE: Gen:Variant.Zusy.469311
Sangfor: Trojan.Win32.Zusy.Vbti
BitDefenderTheta: Gen:NN.ZexaF.36196.@x3@a8UOLkfO
Cynet: Malicious (score: 100)
BitDefender: Gen:Variant.Zusy.469311
Avast: Win32:Malware-gen
Emsisoft: Gen:Variant.Zusy.469311 (B)
McAfee-GW-Edition: BehavesLike.Win32.Dropper.rc
GData: Gen:Variant.Zusy.469311
Arcabit: Trojan.Zusy.D7293F
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
McAfee: Artemis!4AF285BC7DA7
MAX: malware (ai score=81)
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H09EN23
Rising: Trojan.Generic@AI.100 (RDML:hLkpDDaSQc3I57pOBbh7kg)
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Zusy.469311?

Zusy.469311 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.