What is “Zusy.540306”?

Zusy.540306 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


What can the Zusy.540306 virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Binary file triggered YARA rule
  • Attempted to write directly to a physical drive
  • Accessed credential storage registry keys
  • Collects information to fingerprint the system
  • YARA detections observed in process dumps, payloads or dropped files

How to identify Zusy.540306?

File Info:

name: C254534C512361BB7243.mlw
path: /opt/CAPEv2/storage/binaries/820bffd5c4c23fdc849d962742eebd9779d2dcf5114d9f4609f17acce4181da6
crc32: 657E8514
md5: c254534c512361bb7243ea801ac415b1
sha1: 75d1e8518f1ca125058c9318b1c107eaea7f60df
sha256: 820bffd5c4c23fdc849d962742eebd9779d2dcf5114d9f4609f17acce4181da6
sha512: 5a799645c0e02dc379a79753b3b84344d58993856434f14a3e4aaa49a14592d619ba4cfb585cf1a969b45ef46e7223c3eb750701cf1debe55ac201ff2a892dda
ssdeep: 24576:b6tlzT/Q2gfXVxEE+f+TiJ8xCu1Dl33wb1ajC4Ky3xyuTfxHUQn9:b6PT/gXVhLTs8xCuDHwb0X3nDuY9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18CE55F0BA6F9C114F5B2A670DA7582F6156B7F40EB38C58F528F3C5D3478A30AA20767
sha3_384: ac6d19f1a8110f49aa9fa55591f946b43a998422214c3bf1bfa82a227b217aa57e3d57a5a0637cfe46357eb54361e281
ep_bytes: e8fb050000e97afeffff558becf64508
timestamp: 2021-08-27 14:06:10

Version Info:

Comments: https://www.metaquotes.net
CompanyName: MetaQuotes Ltd.
FileDescription: Setup
FileVersion: 5.0.0.3029
InternalName: Setup
LegalCopyright: © 2000-2021, MetaQuotes Ltd.
LegalTrademarks: MetaTrader
OriginalFilename: Setup
ProductName: Setup
ProductVersion: 5.0.0.3029
Translation: 0x0000 0x04b0

Zusy.540306 is also known as (vendor: detection name):

Bkav: W32.Common.99101AB1
Lionic: Trojan.Win32.Znyonm.4!c
MicroWorld-eScan: Gen:Variant.Zusy.540306
FireEye: Gen:Variant.Zusy.540306
ALYac: Gen:Variant.Zusy.540306
Cylance: unsafe
BitDefenderTheta: Gen:NN.ZexaF.36802.9w3@aGZNP!ei
APEX: Malicious
BitDefender: Gen:Variant.Zusy.540306
VIPRE: Gen:Variant.Zusy.540306
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Zusy.540306 (B)
GData: Gen:Variant.Zusy.540306
Jiangmin: Trojan.PSW.Stelega.fs
Antiy-AVL: Trojan/Win32.Znyonm
Kingsoft: malware.kb.a.921
Arcabit: Trojan.Zusy.D83E92
Microsoft: Trojan:Win32/Znyonm
MAX: malware (ai score=82)
Malwarebytes: Generic.Malware/Suspicious
TrendMicro-HouseCall: TROJ_GEN.R002H09CD24
Rising: Trojan.Generic@AI.96 (RDML:TOWnjSgTW5k1sthWjpPdYQ)
MaxSecure: Trojan.Malware.237010036.susgen
Fortinet: W32/PossibleThreat
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Zusy

How to remove Zusy.540306?

Zusy.540306 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment