Zusy
Posted: April 17, 2014
Threat Metric
The fields shown on the Threat Meter, each of which carries a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10, where 10 is the highest level of severity and 1 is the lowest. Each level is relative to the threat's consistently assessed behaviors, collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. Threats with a high detection count could lie dormant and have a low volume count. The criteria for Volume Count are relative to a daily detection count.
Trend Path: The Trend Path, shown as an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change in a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Field | Value |
|---|---|
| Ranking | 3,885 |
| Threat Level | 8/10 |
| Infected PCs | 88,986 |
| First Seen | March 12, 2012 |
| Last Seen | October 15, 2023 |
| OS(es) Affected | Windows |
Zusy is a Trojan that propagates via Facebook messages sent from hijacked accounts. The victim receives a message that appears to come from one of their friends, containing the term 'LOL' and a file offered for download that seems to be a photo, named 'IMG_xxxx.zip'. Once the file is downloaded and unzipped, the PC user clicks on its content, 'IMG_xxxx.jar', thinking it is an image file. The JAR file executes and downloads a malware threat called Zusy, infecting the targeted computer system. The affected PC user's Facebook account is then hijacked and used to spread more malware threats to the computer user's friends.
Technical Details
File System Modifications
The following files were created in the system:
%SYSTEMDRIVE%\Users\<username>\AppData\Local\Temp\csrss\mrt.exe\file.exe
File name: file.exe
Size: 1.48 MB (1484800 bytes)
MD5: 2262802fadaf196687d35cd787092b14
Detection count: 13,125
File type: Executable File
Mime Type: unknown/exe
Path: %SYSTEMDRIVE%\Users\<username>\AppData\Local\Temp\csrss\mrt.exe
Group: Malware file
Last Updated: February 23, 2023
C:\Windows\system32\config\systemprofile\AppData\Roaming\CRMSvc\cg5cfc41.1xb.exe
File name: cg5cfc41.1xb.exe
Size: 1.59 MB (1598464 bytes)
MD5: 023bff6a86e955e2126e12eda4a460d3
Detection count: 12,493
File type: Executable File
Mime Type: unknown/exe
Path: C:\Windows\system32\config\systemprofile\AppData\Roaming\CRMSvc\cg5cfc41.1xb.exe
Group: Malware file
Last Updated: December 28, 2021
C:\Users\<username>\AppData\Roaming\Tevyi\olube.exe
File name: olube.exe
Size: 309.24 KB (309248 bytes)
MD5: 041034673436e090275832bbf6aa3b23
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: C:\Users\<username>\AppData\Roaming\Tevyi
Group: Malware file
Last Updated: March 28, 2018
IMG_xxxx.zip
File name: IMG_xxxx.zip
Mime Type: unknown/zip
Group: Malware file
Registry Modifications
Regexp file mask
%APPDATA%\Microsoft\Temp.exe
%APPDATA%\svchost.exe