Malware

Zusy.507080 removal tips

Malware Removal

Zusy.507080 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Zusy.507080 virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Attempted to write directly to a physical drive
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Zusy.507080?

File Info:

name: 3D4CC3F1309D3B8B4C80.mlw
path: /opt/CAPEv2/storage/binaries/38e8d19ba408f838398a4d234bd83e7f8134539fc3bb92ad53909592ac2976dc
crc32: 72EB425F
md5: 3d4cc3f1309d3b8b4c80bb3884aeda1f
sha1: a5caac0859b7599a82b81e1f360714b9fb323f37
sha256: 38e8d19ba408f838398a4d234bd83e7f8134539fc3bb92ad53909592ac2976dc
sha512: 71eaee3f5a6b000bc7af4690cd50062b1bf9afc33b1e2f894cdcffcb0b99ef4a35f290dab94e57c331e7d31c403a9d4dcfeb42079a1fb3aecee0c5d14f64f76f
ssdeep: 24576:WyYc0JLK+hGxYy1tU3MQS8VRXBwcyDYfMmhuAqNmn3agXGYQNohGlp:DYc0JhGxY78G+bMluAqAB2nNI0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15F6523DBB2688DE2DA6B5139B205DF3DC703ED1E6515086154B17B2FF6242929F0CE2C
sha3_384: 448600bd9259053adaa4d0c4b809ef75db66b7798fa2303006c2da4ea5199f4ca0cdaf993a8bd6d08ff1c7fbf67c704e
ep_bytes: 60be00a061008dbe0070deff5789e58d
timestamp: 2023-10-25 04:13:26

Version Info:

FileVersion: 1.4.0.0
FileDescription: 易语言程序
ProductName: 吾爱优惠
ProductVersion: 1.4.0.0
LegalCopyright: 作者版权所有 请尊重并使用正版
Comments: 本程序使用易语言编写(http://www.eyuyan.com)
Translation: 0x0804 0x04b0

Zusy.507080 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (moderate confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.3d4cc3f1309d3b8b
Skyhigh: BehavesLike.Win32.Generic.tc
McAfee: Artemis!3D4CC3F1309D
Cylance: unsafe
Sangfor: Trojan.Win32.Agent.Vqn6
K7AntiVirus: Trojan ( 005246d51 )
Alibaba: TrojanSpy:Win32/Estoler.181228
K7GW: Trojan ( 005246d51 )
CrowdStrike: win/grayware_confidence_70% (D)
BitDefenderTheta: Gen:NN.ZexaF.36744.BnKfaSm7Bvmb
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX: Malicious
BitDefender: Gen:Variant.Zusy.507080
NANO-Antivirus: Trojan.Win32.PUPStudio.kcyzpk
MicroWorld-eScan: Gen:Variant.Zusy.507080
Avast: Win32:TrojanX-gen [Trj]
Emsisoft: Gen:Variant.Zusy.507080 (B)
DrWeb: Trojan.MulDrop24.9604
VIPRE: Gen:Variant.Zusy.507080
Trapmine: malicious.high.ml.score
Sophos: Generic Reputation PUA (PUA)
Ikarus: Trojan.Win32.Agent
GData: Win32.Trojan.PSE.1KQMTX4
Google: Detected
Antiy-AVL: RiskWare/Win32.FlyStudio.a
Xcitium: Packed.Win32.MUPX.Gen@24tbus
Arcabit: Trojan.Zusy.D7BCC8
Microsoft: Trojan:Win32/Wacatac.B!ml
Varist: W32/ABRisk.OCEN-0533
AhnLab-V3: Trojan/Win.Generic.R611257
ALYac: Gen:Variant.Zusy.507080
MAX: malware (ai score=82)
Malwarebytes: MachineLearning/Anomalous.100%
TrendMicro-HouseCall: TROJ_GEN.R014H09JU23
Rising: Trojan.Generic@AI.84 (RDML:5CEjFxTiuNINwFkdRBaw7w)
SentinelOne: Static AI – Malicious PE
MaxSecure: Dropper.Dinwod.frindll
Fortinet: Riskware/FlyApplication
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.859b75
DeepInstinct: MALICIOUS

How to remove Zusy.507080?

Zusy.507080 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.