Zusy.541251 malicious file

Malware Removal

Zusy.541251 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Zusy.541251 virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Binary file triggered YARA rule
  • Creates a copy of itself
  • YARA detections observed in process dumps, payloads or dropped files

How to identify Zusy.541251?

File Info:

name: 8E60421A15DA3962A8EF.mlw
path: /opt/CAPEv2/storage/binaries/7bf201eda06ce8dc63cba4e99b4545572416dce7dd0ab40c03b65c5aada31a23
crc32: C16A2787
md5: 8e60421a15da3962a8ef73cfae51cfca
sha1: 59e58d8b4e23072448981e4b7e0e902c683172f9
sha256: 7bf201eda06ce8dc63cba4e99b4545572416dce7dd0ab40c03b65c5aada31a23
sha512: 078600db289231eab3c90b1fa06963c34abd7f1ead729ce0143d19ff4edb94ad54b5dad97a365866f0791f068d99a7a0d203f1ad07071ba213291c23b5f0feca
ssdeep: 196608:Dp6ftbYezoooh8V2KQqGfyxXIicOExzUx8Bssun3f6B2+l1fhwLrS:DEVbHoooh8V2KQH6uBsc9KLW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T195C6BF13B285903AD8A70A35582F96A8653FBB703B7249CB27B02D8C9F357C15E39717
sha3_384: fa9659b56abe7534a9d7b36d97330bf3680cb719c1cf1761177674920907b16cadfb7537285429897bb68699dfc407b8
ep_bytes: 558becb90c0000006a006a004975f951
timestamp: 2023-11-21 09:26:03

Version Info:

FileDescription: Login
FileVersion: 23.7.21.0
ProductName: Login
ProductVersion: 1.0.0.0
ProgramID: com.embarcadero.Login
Translation: 0x0409 0x04e4

Zusy.541251 also known as:

Lionic: Trojan.Win32.Inject.1b!c
AVG: TrojanX-gen [Trj]
MicroWorld-eScan: Gen:Variant.Zusy.541251
FireEye: Generic.mg.8e60421a15da3962
Skyhigh: BehavesLike.Win32.BadFile.wh
McAfee: Artemis!8E60421A15DA
Cylance: unsafe
Sangfor: Trojan.Win32.Zusy.Vmnd
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Trojan.Win32.Inject.gen
BitDefender: Gen:Variant.Zusy.541251
Avast: TrojanX-gen [Trj]
F-Secure: Heuristic.HEUR/AGEN.1373383
VIPRE: Gen:Variant.Zusy.541251
Emsisoft: Gen:Variant.Zusy.541251 (B)
Ikarus: Trojan.Delf.Inject
Avira: HEUR/AGEN.1373383
MAX: malware (ai score=81)
Antiy-AVL: Trojan/Win32.Inject
Kingsoft: Win32.Trojan.Inject.gen
Microsoft: Trojan:Win32/Wacatac.B!ml
Gridinsoft: Trojan.Win32.Downloader.sa
Arcabit: Trojan.Zusy.D84243
ZoneAlarm: HEUR:Trojan.Win32.Inject.gen
GData: Gen:Variant.Zusy.541251
ALYac: Gen:Variant.Zusy.541251
Malwarebytes: Generic.Malware/Suspicious
Rising: Trojan.Inject!8.103 (TFE:5:LJCjqKULl0)
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
Cybereason: malicious.a15da3
alibabacloud: Trojan:Win/Zusy

How to remove Zusy.541251?

Zusy.541251 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.