Zusy.523874 (B) (file analysis)

The Zusy.523874 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Zusy.523874 (B) virus can do?

Sample contains Overlay data
Authenticode signature is invalid

How to determine Zusy.523874 (B)?


File Info:
name: 3901279AAC2E99450C72.mlw
path: /opt/CAPEv2/storage/binaries/a03230cc730ba242eb5c704b9c22ffbad108cbba13b25b3ddef2c45657391201
crc32: 94020F8B
md5: 3901279aac2e99450c72fb84717c9535
sha1: 53c3397607f8d3b40b1ae5ee1eb342ba7ac99eb0
sha256: a03230cc730ba242eb5c704b9c22ffbad108cbba13b25b3ddef2c45657391201
sha512: 8c51dbdd0b25c33a368e0f11e01b6fd42eba5dffacf74e9b5da637d126db88b61dc562011041becb3486e9b15ebffae9ba893d2413344749b9f445f94e684c26
ssdeep: 12288:6TW9802yhXgfWDwt/Aa8QdYpc/zEFXOHHGktOQHR8CyO:6UFwfWUt/AppqEFXOHhOQ7yO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11215AE21B6F240F6C69555300A7A7776AA75EA860B11CFC793A4DF3C1D332B1AC3712A
sha3_384: b0777b1fa9680fc1194ca6a0ca8caeeb77058f357def9cfec127de14e250219d5a8807d4094a324e7cccdf191b65cd8c
ep_bytes: 558bec6aff68083b49006824c7450064
timestamp: 2012-01-12 06:55:07

Version Info:
0: [No Data]

Zusy.523874 (B) also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Gen:Variant.Zusy.523874
FireEye	Generic.mg.3901279aac2e9945
Skyhigh	BehavesLike.Win32.Dropper.cm
ALYac	Gen:Variant.Zusy.523874
Malwarebytes	Generic.Malware.AI.DDS
Cybereason	malicious.607f8d
BitDefenderTheta	Gen:NN.ZexaF.36792.3qZ@aKw6Qwn
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX	Malicious
Cynet	Malicious (score: 100)
Sophos	Generic ML PUA (PUA)
F-Secure	Trojan:W32/DelfInject.R
VIPRE	Gen:Variant.Zusy.523874
Trapmine	malicious.moderate.ml.score
Emsisoft	Gen:Variant.Zusy.523874 (B)
SentinelOne	Static AI – Malicious PE
Avira	TR/Crypt.XPACK.Gen7
MAX	malware (ai score=82)
Antiy-AVL	Trojan/Win32.FlyStudio.a
Xcitium	Worm.Win32.Dropper.RA@1qraug
Arcabit	Trojan.Zusy.D7FE62
Google	Detected
Cylance	unsafe
Rising	Trojan.Generic@AI.100 (RDML:OoTrv+z5as/NFNal54gY6w)
Yandex	Trojan.GenAsa!TNcsFubRmN0
Ikarus	Trojan.Win32.Krypt
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_70% (D)

How to remove Zusy.523874 (B)?

Zusy.523874 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X