What is “Ulise.104179 (B)”?

The Ulise.104179 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ulise.104179 (B) virus can do?

Sample contains Overlay data
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Ulise.104179 (B)?


File Info:
name: A9D351A94FA80FC9618A.mlw
path: /opt/CAPEv2/storage/binaries/9edf44d197d8f8479fa5ab19183362b87ea993265a18bfefca8f8883489244a4
crc32: E3B89086
md5: a9d351a94fa80fc9618a29db3093a56e
sha1: b95b929fbd54845be4f8c8eb9f3085f9d957d2a0
sha256: 9edf44d197d8f8479fa5ab19183362b87ea993265a18bfefca8f8883489244a4
sha512: 7ebe04453802679fae73fd2d2e965d368dd1565d91b679113786e9768c30a4fbeeb57871367d9ced19324e29ca54c703add7111d3ba56104ff1d5bdd6e4abaca
ssdeep: 49152:NixmeNMuzT2I9eT83gG4RrzvKfNuIhakf8V8ydOyCPOUkwkn9IMHeaKlDH4k1dtc:hwDD4T8pazMcOe8dPOfdnVuT40qPC
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E8067C01E3C78021ED6216389C6E367856727C241A3DE3AB1606FEFD9DF0272D5A97D2
sha3_384: 4a55517e1b2b51747094ca8ba1e510e2d106dbbe275e8b6e16f5df13afe24f61dd9d0755f99ac14572dfa9efbf2a21f2
ep_bytes: 6a7068902c0001e83103000033ff57ff
timestamp: 2004-08-04 06:06:51

Version Info:
CompanyName: Microsoft Corporation
FileDescription: Microsoft Magnifier
FileVersion: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
InternalName: MAGNIFIER
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: MAGNIFY.EXE
ProductName: Microsoft® Windows® Operating System
ProductVersion: 5.1.2600.2180
Translation: 0x0409 0x04b0

Ulise.104179 (B) also known as:

Bkav	W32.AIDetect.malware1
tehtris	Generic.Malware
DrWeb	Trojan.DownLoader22.34481
MicroWorld-eScan	Gen:Variant.Ulise.104179
FireEye	Gen:Variant.Ulise.104179
ALYac	Gen:Variant.Ulise.104179
Cylance	Unsafe
VIPRE	Gen:Variant.Ulise.104179
Sangfor	[ARMADILLO V1.71]
Cybereason	malicious.94fa80
Cyren	W32/Ipamor.EK.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ClamAV	Win.Packed.Autoit-7640561-0
BitDefender	Gen:Variant.Ulise.104179
Emsisoft	Gen:Variant.Ulise.104179 (B)
McAfee-GW-Edition	BehavesLike.Win32.BadFile.wh
Sophos	Generic ML PUA (PUA)
Ikarus	Olext.Win32
Google	Detected
Avira	HEUR/AGEN.1203413
MAX	malware (ai score=89)
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Variant.Ulise.104179
Cynet	Malicious (score: 100)
McAfee	Artemis!A9D351A94FA8
Malwarebytes	Hematite.Virus.FileInfector.DDS
APEX	Malicious
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Ipamor.CC4C!tr
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Ulise.104179 (B)?

Ulise.104179 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X