Ulise.215329 (file analysis)

Ulise.215329 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Ulise.215329 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Deletes executed files from disk

How to identify Ulise.215329?


File Info:

name: 5A69713453EC54D93861.mlw
path: /opt/CAPEv2/storage/binaries/3b4c82109fb94ab4605e52c483b04b2f4edb5f63540500f156bf1ae80f612e05
crc32: 46CAA9B7
md5: 5a69713453ec54d9386129b877997be0
sha1: 67764020929651b596a751ec5c556c4deda08c18
sha256: 3b4c82109fb94ab4605e52c483b04b2f4edb5f63540500f156bf1ae80f612e05
sha512: 4833775b1b3995857daa00306efe0d01f3ce947023add3336db45cda40272f9da4ef4bdf885adcc86cccd8c92f5602b41139b36adf1d7512eb56a8704072072d
ssdeep: 1536:MYDGc2TdC0B0HvilofwUqhnZBJRdFPlIvv/t0CmuJd4BXKikc6C:MlzC0B0HKSHqhZBjPlu3tBbd4M5C
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1A2930100AB013EF4CA7123F717B335471157E0B4E1AD8B4B9770AAF15B964A8B8F5A1A
sha3_384: ff06fa885bd9d7034f8b2593bd516e9195deb3ec7f56c0e94f571e1b113d2f830c4d28ae0deaaa3388fcfe11cfa852e7
ep_bytes: 68000000005a5309f681e92e27e47d21
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Ulise.215329 also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Copak.4!c
AVG: Win32:Evo-gen [Trj]
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Ulise.215329
FireEye: Generic.mg.5a69713453ec54d9
ALYac: Gen:Variant.Ulise.215329
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0058c5ff1 )
Alibaba: Trojan:Win32/Copak.e50b8855
K7GW: Trojan ( 0058c5ff1 )
Cybereason: malicious.092965
Cyren: W32/Kryptik.DCC.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Kryptik.HITO
Cynet: Malicious (score: 100)
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Packed.Copak-9853643-0
Kaspersky: HEUR:Trojan.Win32.Copak.vho
BitDefender: Gen:Variant.Ulise.215329
NANO-Antivirus: Trojan.Win32.Agent.ixszcw
Avast: Win32:Evo-gen [Trj]
Tencent: Trojan.Win32.Copak.hb
Ad-Aware: Gen:Variant.Ulise.215329
Emsisoft: Gen:Variant.Ulise.215329 (B)
Comodo: Packed.Win32.MUPX.Gen@24tbus
DrWeb: Trojan.Packed2.43250
VIPRE: Gen:Variant.Ulise.215329
Sophos: Mal/Generic-R + Troj/Agent-BGZJ
Ikarus: Trojan.Kryptik
GData: Gen:Variant.Ulise.215329
Jiangmin: Trojan.Copak.civ
Avira: HEUR/AGEN.1200606
MAX: malware (ai score=86)
Antiy-AVL: Trojan/Generic.ASBOL.C686
Kingsoft: Win32.Troj.Undef.(kcloud)
Arcabit: Trojan.Ulise.D34921
Microsoft: Trojan:Win32/Injector.RAQ!MTB
Google: Detected
AhnLab-V3: Malware/Win32.Generic.R369371
Acronis: suspicious
McAfee: GenericRXAA-FA!5A69713453EC
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Malware.AI.3946617475
Rising: Trojan.Kryptik!1.D238 (CLASSIC)
Yandex: Trojan.Copak!zT97juX4oOA
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.HITO!tr
BitDefenderTheta: Gen:NN.ZexaF.34754.fmZ@aqxLbnk
Panda: Trj/Genetic.gen

How to remove Ulise.215329?

Ulise.215329 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
