Should I remove “Zusy.482214”?

Zusy.482214 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Zusy.482214 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the embedded win api malware family
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Zusy.482214?

File Info:

name: F258B2A3B9F0DC5D2B3A.mlw
path: /opt/CAPEv2/storage/binaries/f722871301bff1951b1edb8066e7825ac80d6b73c09518830d61e221f5979782
crc32: 624E3B9B
md5: f258b2a3b9f0dc5d2b3a16ded3db8a53
sha1: 4a99328cdedac6962f3321905064cfe833102e96
sha256: f722871301bff1951b1edb8066e7825ac80d6b73c09518830d61e221f5979782
sha512: 6e27f97a700b76e80f2a6fc55e86ef27d591abaab8439c49e040884dcd4eebe34882ba5737a5f4fbded655b5b9b304c2030d187bc64d90979ef07d9027c3eafb
ssdeep: 12288:rcc2rU/fytdmrk122NbyRmmVxhhw0jTC85FePfWwsXDgOmeDrkVk:r0U3ytdv2w2nxhfjTC8KfWbXDAzG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B3D42302D7CF50CEC44612F0AF235F2AB464AA160E489AEB30D5741DED7E721BFA6365
sha3_384: 528f767c0f794b4f9078a5ab3b89487ae1a25535a5f909e337c4328d342f63d29b8957af8cda0474eefbe51befc74574
ep_bytes: 6801b04b00e801000000c3c358cf3829
timestamp: 2023-08-07 11:05:01

Version Info:

FileDescription: Rockey4 Driver Installer
FileVersion: 2, 1, 9, 1207
InternalName: Installer
LegalCopyright: Copyright (C) 1999-2009 Feitian Technologies Co.,Ltd.
OriginalFilename: Installer.EXE
ProductName: Rockey4
ProductVersion: 2, 1, 9, 1207
Translation: 0x0804 0x04b0

Zusy.482214 is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Lotok.4!c
MicroWorld-eScan: Gen:Variant.Zusy.482214
FireEye: Gen:Variant.Zusy.482214
Skyhigh: BehavesLike.Win32.Downloader.jc
ALYac: Gen:Variant.Zusy.482214
Cylance: unsafe
Zillya: Backdoor.Lotok.Win32.3205
Sangfor: Backdoor.Win32.Lotok.V99z
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 0058b4a21 )
K7AntiVirus: Trojan ( 0058b4a21 )
BitDefenderTheta: Gen:NN.ZexaF.36744.My0aaOG7FBjj
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.HDI
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Backdoor.Win32.Lotok.otf
BitDefender: Gen:Variant.Zusy.482214
Avast: Win32:BackdoorX-gen [Trj]
Tencent: Malware.Win32.Gencirc.13ecb1a9
Emsisoft: Gen:Variant.Zusy.482214 (B)
F-Secure: Backdoor.BDS/Redcap.tfdbd
VIPRE: Gen:Variant.Zusy.482214
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan-Downloader.Win32.Agent
Jiangmin: Backdoor/Huigezi.2007.appg
Varist: W32/ABRisk.MMVY-6533
Avira: BDS/Redcap.tfdbd
Antiy-AVL: Trojan[Backdoor]/Win32.Lotok
Kingsoft: Win32.Hack.Lotok.otf
Arcabit: Trojan.Zusy.D75BA6
ZoneAlarm: Backdoor.Win32.Lotok.otf
GData: Gen:Variant.Zusy.482214
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R600355
McAfee: Artemis!F258B2A3B9F0
MAX: malware (ai score=85)
Malwarebytes: MachineLearning/Anomalous.100%
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R002H09HH23
Rising: Backdoor.Lotok!8.111D5 (TFE:5:9IJrIXJXB5P)
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/Agent.AFMM!tr
AVG: Win32:BackdoorX-gen [Trj]
Cybereason: malicious.cdedac

How to remove Zusy.482214?

Zusy.482214 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.