Zusy

By GoldSparrow in Trojans

Threat Scorecard

Ranking: 4,177
Threat Level: 80 % (High)
Infected Computers: 38,096
First Seen: March 12, 2012
Last Seen: January 25, 2024
OS(es) Affected: Windows

Zusy is a Trojan that proliferates via Facebook messages by compromising account data and credentials. It is distributed through a message that poses as coming from one of the PC user's friends, contains the term 'LOL', and offers a file for download that looks like a photo, named 'IMG_xxxx.zip'. Once the file is downloaded, the computer user unzips it and clicks on the extracted file, 'IMG_xxxx.jar', thinking it is an image. The JAR file executes and downloads a malware infection called Zusy, infecting the PC. The computer user's Facebook account is compromised and then used to spread more malware infections to the PC user's friends.
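A defender-side check for the lure described above, as an added example that is not part of the original page: it flags a photo-named 'IMG_xxxx.zip' attachment whose contents are a JAR, either by extension or by structure. The function names, the reading of 'xxxx' as letters or digits, and the sample archive are assumptions made for this example.

```python
import io
import re
import zipfile

# Assumption: 'xxxx' in the page's IMG_xxxx names stands for letters or digits.
LURE_STEM = re.compile(r"^IMG_[A-Za-z0-9]+$", re.IGNORECASE)


def is_jar(data: bytes) -> bool:
    """A JAR is a ZIP carrying META-INF/MANIFEST.MF, whatever its file name."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(n.upper() == "META-INF/MANIFEST.MF" for n in zf.namelist())
    except zipfile.BadZipFile:
        return False


def inspect_attachment(filename: str, data: bytes, max_member: int = 20 << 20) -> list:
    """Return findings for one downloaded attachment; an empty list means no match."""
    stem, _, ext = filename.rpartition(".")
    if ext.lower() != "zip" or not LURE_STEM.match(stem):
        return []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return ["photo-style .zip name, but the content is not a ZIP archive"]
    findings = []
    with zf:
        for info in zf.infolist():
            member = info.filename.rsplit("/", 1)[-1]
            if info.is_dir():
                continue
            if member.lower().endswith(".jar"):
                findings.append(f"{member}: .jar inside a photo-style archive")
            elif info.file_size <= max_member and is_jar(zf.read(info)):
                # Size cap keeps a hostile archive from exhausting memory.
                findings.append(f"{member}: JAR content under a non-.jar name")
    return findings


def constructed_sample(inner_name: str = "IMG_0001.jar") -> bytes:
    """Constructed, harmless input: a ZIP holding a manifest-only JAR."""
    jar, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(jar, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr(inner_name, jar.getvalue())
    return outer.getvalue()
```

The structural check matters because a renamed member (for example one ending in .jpg) would slip past an extension-only filter.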


File System Details

Zusy may create the following file(s):

Registry Details

Zusy may create the following registry entry or registry entries:
Regexp file mask
%APPDATA%\Microsoft\Temp.exe
%APPDATA%\svchost.exe

Directories

Zusy may create the following directory or directories:

%APPDATA%\winsystem
%PROGRAMFILES%\Jidd
