Zusy.62317 (B) removal guide

Zusy.62317 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Zusy.62317 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • A process sent information about the computer to a remote location.
  • Attempts to identify installed AV products by installation directory
  • Attempts to detect ThreatTrack/GFI/CW Sandbox through the presence of a file
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

How to identify Zusy.62317 (B)?

File Info:

name: DAD939BF43813811751F.mlw
path: /opt/CAPEv2/storage/binaries/882579dfc2027098ac8be781bbf2f715ccfc39257ed4a6d1f98ec022bd73b81a
crc32: E1D34D53
md5: dad939bf43813811751fce465a5d9537
sha1: 37fe0726e21d353b08c2cf639dd7c275debe5ff5
sha256: 882579dfc2027098ac8be781bbf2f715ccfc39257ed4a6d1f98ec022bd73b81a
sha512: 40634d247049cdb859227f1d2b4561717ea99becae9e8f1af18d695f969a228f5f381926cd673a821291b4c7ee994a3a3749de3fc73aca26b090901b4a925193
ssdeep: 3072:sdiC0RRFjWq70AZM0NxyBGfWKhiBFE3RJprCRAUlKEbkxcKXpDhoFDd9D+rEPAQ:uiCcWq70SLNxyo6FEHMAUlKCEcK5loPL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T130F35A40B68700F1DC230AB184CBF73F9F31E7054535EA25EB489B96ECB75A72A6D264
sha3_384: badcd69a7e7d03ba2ad3ade738f705d52fb8185f8b3fb2ddddc626b56cb9886fe2d1a824ca2199dd6d030b7dde46d104
ep_bytes: 5589e583ec08c7042402000000ff1598
timestamp: 2013-08-11 21:42:37

Version Info:

0: [No Data]

Zusy.62317 (B) is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoad3.28319
MicroWorld-eScan: Gen:Variant.Zusy.62317
FireEye: Generic.mg.dad939bf43813811
CAT-QuickHeal: Backdoor.Wavipeg.S16954
ALYac: Gen:Variant.Zusy.62317
Cylance: Unsafe
Zillya: Worm.Agent.Win32.40033
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 004da9f11 )
K7GW: Trojan ( 004da9f11 )
Cybereason: malicious.f43813
BitDefenderTheta: Gen:NN.ZexaF.34294.juW@ayaXFdb
Cyren: W32/Agent.DKF.gen!Eldorado
Symantec: W32.Mewsei
ESET-NOD32: a variant of Win32/Agent.NMA
ClamAV: Win.Malware.Zusy-9896051-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Zusy.62317
NANO-Antivirus: Trojan.Win32.Agent.cshkjv
Avast: Win32:BackdoorX-gen [Trj]
Rising: Trojan.Generic@ML.88 (RDML:HK5kXp28aOCqok4U0He28g)
Ad-Aware: Gen:Variant.Zusy.62317
TACHYON: Trojan/W32.Agent.160768.PK
Emsisoft: Gen:Variant.Zusy.62317 (B)
Baidu: Win32.Trojan.MewsSpy.a
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Spybot.ch
Sophos: Mal/Generic-S
Ikarus: Trojan.Agent4
Jiangmin: Trojan.Agent.aegn
Avira: WORM/Agent.yepqj
Antiy-AVL: Trojan/Generic.ASMalwS.38D3FD
Microsoft: Backdoor:Win32/Wavipeg.B
GData: Gen:Variant.Zusy.62317
Cynet: Malicious (score: 100)
McAfee: GenericRXQB-NT!DAD939BF4381
MAX: malware (ai score=89)
VBA32: Trojan.Bingoml
Malwarebytes: Trojan.Agent
APEX: Malicious
Tencent: Trojan.Win32.BitCoinMiner.la
Yandex: Trojan.Agent!oP43RGteBHc
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Generic.AC.1FBA53!tr
AVG: Win32:BackdoorX-gen [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_60% (D)
MaxSecure: Trojan.Malware.121218.susgen

How to remove Zusy.62317 (B)?

Zusy.62317 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.