Zusy.528998 (file analysis)

Zusy.528998 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Zusy.528998 virus do?

  • The binary contains an unknown PE section name indicative of packing.
  • The binary likely contains encrypted or compressed data.
  • The Authenticode signature is invalid.
  • Attempts to interact with an Alternate Data Stream (ADS).

How to identify Zusy.528998?

File Info:

name: 8D6AC4286D7E9F79B1A4.mlw
path: /opt/CAPEv2/storage/binaries/212c57d88d9db4a6f1f8aba93f761bb422954d2e0c71a3e3c76ba8923b55a1ac
crc32: 768E86A4
md5: 8d6ac4286d7e9f79b1a43c16c3e30014
sha1: d9a395a6cbd3c5d449fc4ebbbf7693fd77199750
sha256: 212c57d88d9db4a6f1f8aba93f761bb422954d2e0c71a3e3c76ba8923b55a1ac
sha512: b5c128c9836aec81a471580d192c1568b40d27e3faa0000af14b1bbb2950e3bca0cf6174fe539a55ec51fc13ec26b45b32048aab1bbb7fe3ff36e6213e8d04cc
ssdeep: 98304:mF4S/E8IlaKmEwhAU3wdDuroOcsQudbtB:mFfc8IY4DuroOcsQudbtB
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T138169D23BF495473C4A326385E4757AC9A24BF013A64EA877BB43C4CAF75780783A257
sha3_384: 3573fd8fa7bc696f5281278250911eb71a6d564f2131e19179d637dd79776327300c2b6270c9d3eb0a0cf5bc572cd8bc
ep_bytes: 558bec83c4f0535657b86c2a6500e8b5
timestamp: 1992-06-19 22:22:17

Version Info:

CompanyName: Advertising Digital Services (Pty) Ltd
FileDescription: Instore Marketing Tool
FileVersion: 4.0.0.5
InternalName:
LegalCopyright: Advertising Digital Services (Pty) Ltd 1996-2017
LegalTrademarks: ADSound
OriginalFilename:
ProductName: ADSound
ProductVersion: 4
Comments: info@adsproducts.com
Translation: 0x1c09 0x04e4

Zusy.528998 also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Gen:Variant.Zusy.528998
FireEye: Gen:Variant.Zusy.528998
Skyhigh: BehavesLike.Win32.Dropper.wc
McAfee: Artemis!8D6AC4286D7E
Cylance: unsafe
Arcabit: Trojan.Zusy.D81266
Symantec: Trojan.Gen.MBT
BitDefender: Gen:Variant.Zusy.528998
Emsisoft: Gen:Variant.Zusy.528998 (B)
VIPRE: Gen:Variant.Zusy.528998
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Gen:Variant.Zusy.528998
AhnLab-V3: Malware/Win.Generic.C4593367
VBA32: BScope.Adware.Presenoker
ALYac: Gen:Variant.Zusy.528998
MAX: malware (ai score=87)
DeepInstinct: MALICIOUS
Malwarebytes: Generic.Malware/Suspicious
TrendMicro-HouseCall: TROJ_GEN.R002H09LP23
MaxSecure: Trojan.Malware.221291918.susgen
Fortinet: W32/PossibleThreat

How to remove Zusy.528998?

Zusy.528998 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.