Zusy.497516 information

Malware Removal

Zusy.497516 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Zusy.497516 virus do?

  • Performs HTTP requests potentially not found in PCAP.
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering

How to identify Zusy.497516?

File Info:

name: 5D966012A131812486B0.mlw
path: /opt/CAPEv2/storage/binaries/96e757afeb3b2953feadb6db7baa4a47656d13c986bcfb2ecb73301f5da67cb9
crc32: ADD1F01B
md5: 5d966012a131812486b05e86fc6100da
sha1: 0eb858d7ac9e6030affd6f06513693bfea858ad2
sha256: 96e757afeb3b2953feadb6db7baa4a47656d13c986bcfb2ecb73301f5da67cb9
sha512: d9a716f8644b503abb67f3e41ae83224940d52534a5238788781bbf8e07b34609514d0be5d2cb564d48c53bf2c1f18dfc534e6a8ceefc4b8a0bf0e46cb1dfc67
ssdeep: 24576:+/l3p3VnUuMTJ6Om39+DvaW5zWvUSbHjWCuWvUSbHz:+33VeMOo9CxzWvUoRuWvUoT
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16D65D143B6C3C0F5D525123048D62B7AAA3A9F254F32EB83A724FD3D5E75290D62B11E
sha3_384: b4fd68e300df426b6b31eb70cf9cfaf318a2952be126e643194163b8ad665d2790c687dd5dee122f8fafb79b4c054224
ep_bytes: 558bec6aff6880e54e0068a420470064
timestamp: 2012-07-28 05:33:47

Version Info:

FileVersion: 1.0.0.0
FileDescription: DHWKJ
ProductName: DHWKJ
ProductVersion: 1.0.0.0
CompanyName: DHWKJ
LegalCopyright: DHWKJ
Comments: DHWKJ
Translation: 0x0804 0x04b0

Zusy.497516 also known as:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Zusy.497516
ClamAV: Win.Malware.Recam-9971646-0
FireEye: Generic.mg.5d966012a1318124
Skyhigh: BehavesLike.Win32.Generic.th
Malwarebytes: Generic.Malware.AI.DDS
K7AntiVirus: Trojan ( 005246d51 )
K7GW: Trojan ( 005246d51 )
CrowdStrike: win/malicious_confidence_70% (D)
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX: Malicious
Cynet: Malicious (score: 100)
BitDefender: Gen:Variant.Zusy.497516
Avast: MalwareX-gen [Trj]
Emsisoft: Gen:Variant.Zusy.497516 (B)
F-Secure: Trojan:W32/DelfInject.R
Trapmine: malicious.moderate.ml.score
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Suspicious PE
GData: Win32.Trojan.PSE.1S437JY
Google: Detected
MAX: malware (ai score=86)
Antiy-AVL: Trojan/Win32.FlyStudio.a
Kingsoft: malware.kb.a.995
Xcitium: Worm.Win32.Dropper.RA@1qraug
Arcabit: Trojan.Zusy.D7976C
Microsoft: Program:Win32/Wacapew.C!ml
Varist: W32/Trojan.CLL.gen!Eldorado
McAfee: GenericRXAZ-AG!5D966012A131
Cylance: unsafe
Rising: Trojan.Generic@AI.94 (RDML:184S+Yl3tVK9lErffK+xwg)
MaxSecure: Trojan.Malware.300983.susgen
AVG: MalwareX-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Zusy.497516?

Zusy.497516 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
