Categories: Backdoor

Backdoor:Win32/Ursap!pz information

The Backdoor:Win32/Ursap!pz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Backdoor:Win32/Ursap!pz virus can do?

Sample contains Overlay data
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Backdoor:Win32/Ursap!pz?


File Info:
name: 215DE52DDB56C52BA069.mlwpath: /opt/CAPEv2/storage/binaries/70ba860f9c163c768c0a2abea3f2a823c045219b6ca2e05c51b86ec55fcd255acrc32: E1D0464Amd5: 215de52ddb56c52ba069bbf27a621ae0sha1: 4cbca2c795ca78406594444c49887b4514ce6220sha256: 70ba860f9c163c768c0a2abea3f2a823c045219b6ca2e05c51b86ec55fcd255asha512: 120b4dee043195ab582fab6eeb5d078fc60bac407f9487122f20525e5144bbc7842ab4bb315e49ec55cc2c3708e9aecde086261d2490e5e8777d2b6dd9d2d7cbssdeep: 3072:OFc+FoEGHm84TRzJIu5CjoFF5fUxqkts9MeZ3fxXltGapQe5hdjqLnQmv+ky:dh4ZJI3joFFhUxveZ3fpDpQYhFqFtype: PE32 executable (DLL) (GUI) Intel 80386, for MS Windowstlsh: T136248D047BA4D436F2B72E31A476D3948E76B9717C79C50F67920A6E0E30A98ED32317sha3_384: e9828534c7e5a69e927c05f98bb51dc7c1a7dc30a7fffeee30f1faba7f7d1224dc11879f7762283e3873bdfc64152b95ep_bytes: 8bff558bec837d0c017505e8344e0000timestamp: 2007-12-19 00:53:58
Version Info:
Comments: CompanyName: Seagate Software, Inc.FileDescription: Word for Windows Export Format DLL for Crystal ReportsFileVersion: 8.5.0.92InternalName: uxfwordwLegalCopyright: Copyright (c) 1991-2001 Seagate SoftwareLegalTrademarks: Crystal Reports is a trademark of Seagate Software, Inc. or one of its subsidiariesOriginalFilename: u2fwordw.dllPrivateBuild: ProductName: Crystal ReportsProductVersion: 8.5.0.211SpecialBuild: BuildDate: 2001/02/03 01:25:19Translation: 0x0409 0x04e4

Backdoor:Win32/Ursap!pz also known as:

Lionic	Trojan.Win32.Generic.lEOt
AVG	Win32:Reveton-HR [Trj]
Elastic	malicious (high confidence)
DrWeb	Trojan.Fakealert.55861
MicroWorld-eScan	Gen:Variant.Ser.Jaik.4419
FireEye	Generic.mg.215de52ddb56c52b
Skyhigh	Ransom-ABD.gen.d
McAfee	Ransom-ABD.gen.d
Zillya	Trojan.FakeAV.Win32.238043
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Ransomware ( 005454081 )
Alibaba	Trojan:Win32/Reveton.55c9abb6
K7GW	Ransomware ( 005454081 )
CrowdStrike	win/malicious_confidence_90% (W)
VirIT	Trojan.Win32.Foreign.THM
Symantec	Trojan.Ransomlock!g26
tehtris	Generic.Malware
ESET-NOD32	Win32/Reveton.H
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Trojan.Ransomlock-7
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Gen:Variant.Ser.Jaik.4419
NANO-Antivirus	Trojan.Win32.RiskGen.bbkjkd
Avast	Win32:Reveton-HR [Trj]
Tencent	Malware.Win32.Gencirc.10b3c475
Emsisoft	Gen:Variant.Ser.Jaik.4419 (B)
VIPRE	Gen:Variant.Ser.Jaik.4419
TrendMicro	TROJ_RANSOM.SMC4
Sophos	Troj/Zbot-CYS
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan/Generic.asjop
Google	Detected
MAX	malware (ai score=100)
Antiy-AVL	Trojan/Win32.Unknown
Kingsoft	Win32.Trojan.Generic.a
Microsoft	Backdoor:Win32/Ursap!pz
Xcitium	Malware@#30nteehss5595
Arcabit	Trojan.Ser.Jaik.D1143
ViRobot	Trojan.Win32.A.Foreign.231424
ZoneAlarm	UDS:DangerousObject.Multi.Generic
GData	Gen:Variant.Ser.Jaik.4419
Varist	W32/Trojan.KUPA-6140
AhnLab-V3	Trojan/Win32.Ransomlock.R44642
ALYac	Gen:Variant.Ser.Jaik.4419
VBA32	BScope.Trojan.FakeAlert
Cylance	unsafe
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_RANSOM.SMC4
Rising	Trojan.Reveton!8.AB (TFE:5:Cme8XEsLiWG)
Yandex	Trojan.GenAsa!tq5AopblIIU
Ikarus	Trojan.Win32.Reveton
MaxSecure	Trojan.Malware.7164915.susgen
Fortinet	W32/Kryptik.AORE!tr
Zoner	Trojan.Win32.11927
DeepInstinct	MALICIOUS
alibabacloud	Trojan:Win/Reveton.H