
Zusy.473431 (B) information


Zusy.473431 (B) is considered dangerous by many security experts. While this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Zusy.473431 (B) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Zusy.473431 (B)?

File Info:

name: 614F20804113A1BD252A.mlw
path: /opt/CAPEv2/storage/binaries/6e93b74296062a1a5d78d56bb488c0360cc383dfae5462e99f8f2104473ab206
crc32: F2C5CCD9
md5: 614f20804113a1bd252a126b53eb461a
sha1: 7cf8a7cd2b1f94aaab88b15f85552450c236c98a
sha256: 6e93b74296062a1a5d78d56bb488c0360cc383dfae5462e99f8f2104473ab206
sha512: 01bdf6cf5f07f183a7967efc8f5728d0d24d7cd1a30fb359160c46bee781abb6d3ce4da2423a92e66252401ab89accc1f0e5fea0dda2055bb57b30130d113706
ssdeep: 6144:ie81OFQG4GGUyHwV8XEbKnvmb7/D26F+HQisK6rmNX:ie81O2PUFV8XEbKnvmb7/D26F+4r
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10924C513BA10B46FE447C8F12A69965A792D2EB62794FC037282AF1571704E7B8F530F
sha3_384: 5edc5dc0c5ee604d47ad528c06f8513395f2cd86ad83b6eaf4e82da16b6abe569e88aacffffa70a2913be67cd4be7eab
ep_bytes: 68d4364000e8eeffffff000000000000
timestamp: 2011-11-26 00:04:44

Version Info:

0: [No Data]

Zusy.473431 (B) also known as:

  • Lionic: Worm.Win32.WBNA.lsBb
  • MicroWorld-eScan: Gen:Variant.Zusy.473431
  • FireEye: Generic.mg.614f20804113a1bd
  • CAT-QuickHeal: Trojan.AgentVMF.S20632598
  • Skyhigh: BehavesLike.Win32.VBObfus.dm
  • ALYac: Gen:Variant.Zusy.473431
  • Cylance: unsafe
  • Zillya: Trojan.Agent.Win32.3743192
  • Sangfor: Suspicious.Win32.Save.vb
  • K7AntiVirus: EmailWorm ( 0054d10f1 )
  • Alibaba: Worm:Win32/Vobfus.cace21a1
  • K7GW: EmailWorm ( 0054d10f1 )
  • Cybereason: malicious.d2b1f9
  • BitDefenderTheta: Gen:NN.ZevbaF.36792.nmX@a4xGKYf
  • VirIT: Trojan.Win32.Generic.EQN
  • Symantec: W32.Changeup!gen15
  • Elastic: malicious (high confidence)
  • ESET-NOD32: Win32/AutoRun.VB.APU
  • APEX: Malicious
  • ClamAV: Win.Trojan.Changeup-6169544-0
  • Kaspersky: Trojan.Win32.Agent.aaohu
  • BitDefender: Gen:Variant.Zusy.473431
  • NANO-Antivirus: Trojan.Win32.Agent.dyayll
  • Tencent: Trojan.Win32.Agent.kz
  • Sophos: Mal/SillyFDC-T
  • Baidu: Win32.Worm.Autorun.l
  • F-Secure: Trojan.TR/Dropper.Gen
  • DrWeb: Trojan.VbCrypt.150
  • VIPRE: Gen:Variant.Zusy.473431
  • TrendMicro: WORM_VOBFUS.SMAB
  • Trapmine: malicious.moderate.ml.score
  • Emsisoft: Gen:Variant.Zusy.473431 (B)
  • SentinelOne: Static AI – Malicious PE
  • Avira: TR/Dropper.Gen
  • Antiy-AVL: Worm/Win32.WBNA.gen
  • Kingsoft: Win32.Virut.xj.36864
  • Microsoft: Worm:Win32/Vobfus.gen!O
  • Arcabit: Trojan.Zusy.D73957
  • ViRobot: Trojan.Win32.A.Diple.217088.J
  • ZoneAlarm: Trojan.Win32.Agent.aaohu
  • GData: Gen:Variant.Zusy.473431
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Worm/Win.WBNA.R506402
  • Acronis: suspicious
  • McAfee: VBObfus.by
  • MAX: malware (ai score=81)
  • DeepInstinct: MALICIOUS
  • VBA32: BScope.Trojan-Dropper.VB.01545
  • Malwarebytes: Generic.Malware.AI.DDS
  • TrendMicro-HouseCall: WORM_VOBFUS.SMAB
  • Rising: Worm.Vobfus!8.10E (TFE:3:LVPXSQKaF0I)
  • Yandex: Trojan.GenAsa!3blfepsHOB4
  • Ikarus: Worm.Win32.AutoRun
  • Fortinet: W32/Diple.EJQE!tr
  • Panda: Trj/Genetic.gen
  • CrowdStrike: win/malicious_confidence_100% (W)

How to remove Zusy.473431 (B)?

Zusy.473431 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.