Zusy.487806 malicious file

The Zusy.487806 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.487806 virus can do?

The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Zusy.487806?


File Info:
name: AA606401BB9BBB27B187.mlw
path: /opt/CAPEv2/storage/binaries/0d38ce36e881100490c7ee082c0984515ae310672b330961327697611cc1a058
crc32: FC78FEA5
md5: aa606401bb9bbb27b187ae1506b28b69
sha1: f7e8889cdfc5953be2a08569d06536d3dfd7b7ad
sha256: 0d38ce36e881100490c7ee082c0984515ae310672b330961327697611cc1a058
sha512: 3a9ffc1e30f7de9e32cd2e0a4a169e209f65179a570a034bb3b34870803fbad63b6cc2a36a6f9225097df94f3306537b33893bdb52d137b922f0e9187f55fc6a
ssdeep: 24576:YiuBtZdsiHnMxiSUl+NSNF4c0HubZkWMw5p1YrFeCEKi:vuBfdsiHnCzUGoSBHK/MRY/N
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T17F350200FD544472F2AB153114D68E6BEE2DA6628371CAFFB784987D4F222C1E5B1DB2
sha3_384: ba5ffae8bf32752976591e4509ac1c55443820c24f11c62fa98e27b586e29a3c4e6562622e9815a40b755f4585e96432
ep_bytes: e898070000e974feffff558bec8b4508
timestamp: 2023-09-13 12:27:56

Version Info:
0: [No Data]

Zusy.487806 also known as:

Bkav	W32.AIDetectMalware
Cynet	Malicious (score: 100)
Malwarebytes	Trojan.Injector
VIPRE	Gen:Variant.Zusy.487806
Sangfor	Trojan.Win32.Save.a
BitDefender	Gen:Variant.Zusy.487806
Cybereason	malicious.cdfc59
Cyren	W32/Kryptik.KQV.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Kryptik.HTQR
APEX	Malicious
Kaspersky	HEUR:Trojan-PSW.Win32.Stealerc.gen
MicroWorld-eScan	Gen:Variant.Zusy.487806
Avast	Win32:CrypterX-gen [Trj]
Emsisoft	Gen:Variant.Zusy.487806 (B)
DrWeb	Trojan.Inject4.61027
McAfee-GW-Edition	BehavesLike.Win32.Generic.tc
FireEye	Generic.mg.aa606401bb9bbb27
Sophos	Generic ML PUA (PUA)
MAX	malware (ai score=88)
Antiy-AVL	Trojan/Win32.Sabsik
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Arcabit	Trojan.Zusy.D7717E
ZoneAlarm	VHO:Backdoor.Win32.Agent.gen
GData	Gen:Variant.Zusy.487806
Google	Detected
ALYac	Gen:Variant.Zusy.487806
Cylance	unsafe
Panda	Trj/GdSda.A
Rising	Trojan.Generic@AI.100 (RDML:XfkZEEOE+v4voIYOnRnCjg)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.121218.susgen
BitDefenderTheta	Gen:NN.ZexaF.36662.czW@amwOkIfi
AVG	Win32:CrypterX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (D)

How to remove Zusy.487806?

Zusy.487806 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X