What is “Ulise.106187”?

Ulise.106187 is flagged as dangerous by many security vendors. When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.


What can the Ulise.106187 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • NtSetInformationThread: attempt to hide thread from debugger
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Ulise.106187?

File Info:

name: 541B1D6702E93E3B21F2.mlw
path: /opt/CAPEv2/storage/binaries/ad079e086fb267998b00890066c86353b18ce42c8c95d5d27af400b5d77538f0
crc32: 10E0259E
md5: 541b1d6702e93e3b21f2f693dad223bc
sha1: 016d203c140ec0dcc210f60187d2bc8a7b7d4061
sha256: ad079e086fb267998b00890066c86353b18ce42c8c95d5d27af400b5d77538f0
sha512: 45f464c014e7192e6325cd318bc5f9dd5d6304cfd0d837f51ea5f8ccda937c9641780f89d49b41cfc1c717b07f9eaf4316fb91d63b0388f7d3e541a4ec0c4b1f
ssdeep: 24576:FdzbBVx5WJ0PM32aeSXYJY6GJ7qFafKD0eeHLr4rTO:j2UMmaeSItvAKQxHLrwT
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T129956CB859634483E4E6C7B4A770977AFC3A2F120BF169D2D3733E9231B44158A129ED
sha3_384: e82abcfff92ab396a0b3b7f6e445b10659b5be8bd99c74d57d62d9edc184d2a5ec60beb581b65f884a0630def581576a
ep_bytes: 3bc0741ceb00db2ddc255d00ffffffff
timestamp: 1970-01-01 00:00:00

Version Info:

FileVersion: 1.0.0.0
FileDescription: 易语言程序
ProductName: 易语言程序
ProductVersion: 1.0.0.0
LegalCopyright: 作者版权所有 请尊重并使用正版
Comments: 本程序使用易语言编写(http://www.eyuyan.com)
Translation: 0x0804 0x04b0

Ulise.106187 also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Ulise.106187
FireEye: Generic.mg.541b1d6702e93e3b
McAfee: Artemis!541B1D6702E9
Malwarebytes: PUP.Optional.ChinAd
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Suspicious.Win32.Evo.atgen
K7AntiVirus: Trojan ( 004b94951 )
Alibaba: Packed:Win32/VProtect.9d0b5918
K7GW: Trojan ( 004b94951 )
Cybereason: malicious.702e93
VirIT: Backdoor.Win32.Hupigon5.CELK
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.VProtect.B suspicious
TrendMicro-HouseCall: TROJ_GEN.R002C0RB722
Avast: Win32:Malware-gen
ClamAV: Win.Packed.Obfusc-9874983-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Ulise.106187
NANO-Antivirus: Trojan.Win32.DamagedFile.belkdi
Tencent: Win32.Trojan.Generic.Ssqt
Ad-Aware: Gen:Variant.Ulise.106187
Emsisoft: Gen:Variant.Ulise.106187 (B)
Comodo: Packed.Win32.VProtect.A@4xq3f8
DrWeb: Trojan.DownLoader15.53603
Zillya: Trojan.Black.Win32.39818
McAfee-GW-Edition: BehavesLike.Win32.Ridnu.tc
Sophos: Mal/VProtPck-B
Paloalto: generic.ml
GData: Win32.Application.PUPStudio.A
Avira: TR/Agent.1929216.93
Antiy-AVL: Trojan/Win32.AGeneric
Kingsoft: Win32.Heur.KVM099.a.(kcloud)
Arcabit: Trojan.Ulise.D19ECB
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34212.1v0@aqHFYPnb
ALYac: Gen:Variant.Ulise.106187
MAX: malware (ai score=80)
VBA32: TScope.Malware-Cryptor.SB
APEX: Malicious
Rising: Trojan.Win32.Generic.18F9501C (C64:YzY0OpdCPmep2SSw)
Yandex: Trojan.GenAsa!YDUAdxujHWw
SentinelOne: Static AI – Malicious PE
MaxSecure: Virus.Patched.OF
Fortinet: W32/Generic!tr
AVG: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Ulise.106187?

Ulise.106187 removal steps
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.