Zusy.502080 (file analysis)

The Zusy.502080 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.502080 virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine Zusy.502080?


File Info:
name: 73CCE23B5D1C32711369.mlw
path: /opt/CAPEv2/storage/binaries/3496418bee3970e2f10b13502d17c8358b825c67f0bac5511e31e123ec53dfe8
crc32: A3C10472
md5: 73cce23b5d1c3271136962507b87e9c3
sha1: 31948fe86e79ace40e22b0f364bbed86bcab0166
sha256: 3496418bee3970e2f10b13502d17c8358b825c67f0bac5511e31e123ec53dfe8
sha512: af255b16a8806e6cb2527d1ec3f6076abff062e238a591146ca5cc1d14b4703d973c0160ddeac0f2d2b580aabe8191d3438ed597b890ad5dfe112f1778b618aa
ssdeep: 12288:JtE9b1tlLeHMD63GouJkydDemHe3lYe0Snt3R8rZ0Snt3Rh:g13LKMO3sqydim+3+8Wh
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T180157C02BAA5E4B7CB0495B058ABEB366B255E054B20CFC323E5FE1F3D32581DD2715A
sha3_384: 4285fe3287055cd59551feeaf41b1142d7a5e85d7b1466b4af3f77ceeeadaef7bc70a3e724ea5f954d6c5d4d33d29a32
ep_bytes: 558bec6aff68d01c4a0068e43c450064
timestamp: 2012-08-19 16:39:07

Version Info:
FileVersion: 1.0.0.0
FileDescription: 易语言程序
ProductName: 猫咪家族出版
ProductVersion: 1.0.0.0
CompanyName: 猫咪丶无锡
LegalCopyright: 猫咪丶无锡 版权所有
Comments: 本程序使用易语言编写(http://www.eyuyan.com)
Translation: 0x0804 0x04b0

Zusy.502080 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.lhqQ
MicroWorld-eScan	Gen:Variant.Zusy.502080
Skyhigh	BehavesLike.Win32.Generic.ch
McAfee	Artemis!73CCE23B5D1C
Malwarebytes	Generic.Malware.AI.DDS
VIPRE	Gen:Variant.Zusy.502080
Sangfor	Trojan.Win32.Agent.Vx2p
K7AntiVirus	Trojan ( 005246d51 )
Alibaba	Trojan:Win32/Generic.9e008a13
K7GW	Trojan ( 005246d51 )
Cybereason	malicious.86e79a
Arcabit	Trojan.Zusy.D7A940
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Packed.FlyStudio.AA potentially unwanted
Cynet	Malicious (score: 100)
APEX	Malicious
BitDefender	Gen:Variant.Zusy.502080
Avast	Win32:Malware-gen
Emsisoft	Gen:Variant.Zusy.502080 (B)
F-Secure	Trojan:W32/DelfInject.R
FireEye	Generic.mg.73cce23b5d1c3271
Sophos	Mal/Generic-S
Ikarus	Trojan.Win32.Injector
Jiangmin	Backdoor/Blackhole.cvw
Varist	W32/Trojan.CLL.gen!Eldorado
Antiy-AVL	Trojan/Win32.Vindor
Kingsoft	malware.kb.a.1000
Xcitium	Worm.Win32.Dropper.RA@1qraug
Microsoft	Trojan:Win32/Vindor!pz
GData	Win32.Trojan.PSE.13003U4
Google	Detected
VBA32	Trojan.Emotet
ALYac	Gen:Variant.Zusy.502080
MAX	malware (ai score=80)
Cylance	unsafe
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002H0CJK23
Rising	Trojan.Generic@AI.99 (RDML:OlkR9+1yRe19HVgTh5Mxvg)
Yandex	Trojan.GenAsa!SRh1McQ+fEQ
SentinelOne	Static AI – Malicious PE
MaxSecure	Dropper.Dinwod.frindll
BitDefenderTheta	Gen:NN.ZexaF.36792.1q0@aOWRVQbb
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_70% (W)

How to remove Zusy.502080?

Zusy.502080 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X