Ulise.298681 removal guide

Ulise.298681 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Ulise.298681 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (4 unique times)
  • Creates RWX memory
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Unconventional language used in binary resources: Arabic (Morocco)
  • The binary likely contains encrypted or compressed data.
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

Related domains:

telete.in
apps.identrust.com
edgedl.me.gvt1.com
update.googleapis.com

How to identify Ulise.298681?

File Info:

crc32: 0976858B
md5: a2e7d9533c3b6ba40a21897e001f8491
name: A2E7D9533C3B6BA40A21897E001F8491.mlw
sha1: 2454a3707eb5c8e0d18ef40c48285ccb49efc647
sha256: 47530b76594be82ce2ce71f606264ae20ab93fc7d3b7078b6edf48bee6a87ef5
sha512: 7df4651e8ae2a50e8324032c259164ba54ca1c66e68a7b580f7ac8e521e63ece41dcd6436e21cb25bed64d583d5e4a583f6bde873c6132c0ea6d93646bb4c14f
ssdeep: 6144:7iAaUSd35Hz8Dl/oN8noPRiajUpNahCQtKUe+DsPe045s2NZEAQL8xr85+gz:WH5Hz8Ji8nCRGazcUEPC5XfEAL85+g
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x120a 0x052e

Ulise.298681 also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Riskware ( 0040eff71 )
Lionic: Trojan.Multi.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader43.22581
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.Stop.Z5
ALYac: Gen:Variant.Ulise.298681
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:Win32/Kryptik.e7a339d5
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.07eb5c
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HMNI
APEX: Malicious
Avast: Win32:PWSX-gen [Trj]
Kaspersky: HEUR:Trojan-Ransom.Win32.Stop.gen
BitDefender: Trojan.GenericKD.37599614
NANO-Antivirus: Trojan.Win32.Kryptik.jbpbec
MicroWorld-eScan: Trojan.GenericKD.37599614
Ad-Aware: Trojan.GenericKD.37599614
Sophos: ML/PE-A
BitDefenderTheta: Gen:NN.ZexaF.34142.EuW@a4maaGkO
TrendMicro: TROJ_FRS.0NA103IJ21
McAfee-GW-Edition: BehavesLike.Win32.Generic.gc
FireEye: Generic.mg.a2e7d9533c3b6ba4
Emsisoft: Trojan.GenericKD.37599614 (B)
SentinelOne: Static AI – Malicious PE
Avira: TR/Crypt.Agent.jcijh
Kingsoft: Win32.Hack.Undef.(kcloud)
Microsoft: Trojan:Win32/Sabsik.TE.B!ml
GData: Trojan.GenericKD.37599614
AhnLab-V3: Trojan/Win.MalPE.R442000
Acronis: suspicious
McAfee: RDN/Generic.grp
MAX: malware (ai score=80)
VBA32: Malware-Cryptor.Azorult.gen
Malwarebytes: Trojan.MalPack
TrendMicro-HouseCall: TROJ_FRS.0NA103IJ21
Rising: Trojan.Kryptik!1.D975 (CLASSIC)
Ikarus: Trojan.Win32.Glupteba
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.HMNI!tr
AVG: Win32:PWSX-gen [Trj]
Paloalto: generic.ml

How to remove Ulise.298681?

Ulise.298681 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.