Ulise.316789 malicious file

Ulise.316789 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cure of your PC during the trial period.
6-day free trial available.

What can the Ulise.316789 virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Ulise.316789?

File Info:

name: 2438B54BA71D96624C6D.mlw
path: /opt/CAPEv2/storage/binaries/d96ae162a4b96e1a517a8256191ad170dd7fe7f3bebc091fb5d392cade9f9bdb
crc32: 7CFFE14A
md5: 2438b54ba71d96624c6d188d21b24d37
sha1: 432de3edb05b1ddeca5f33e6acd83ab389ed2aa5
sha256: d96ae162a4b96e1a517a8256191ad170dd7fe7f3bebc091fb5d392cade9f9bdb
sha512: 680a9ab707dfc132267a22c4ab458f4d9b627c683d37486ae9a368dafcd4d76ee7df26710c7b254d48e321bf500ea4cc394aab2063935648d472489adf35b06c
ssdeep: 6144:D017vY/DQJRfOHS3pPUhTBRXIbXGU+EHZCUa7XKsX/9:DCw/DQJRfgT3SxVZBa7XKsX/9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19EB4E41F97944332E16119325DEB8370682F6D602AF37CFA2D8D2D0F8BB7641A539762
sha3_384: 4ae637e9947cd553ee31f254f1e52a5c3ea33cd2d63fe68eebf669cc49d01a4cdd0d668c93d5488a204aaf35713a4952
ep_bytes: 558bec83c4f0b8cccc4400e89c98fbff
timestamp: 2018-02-28 03:25:05

Version Info:

CompanyName: TweakBit
FileDescription: PCRepairKit Setup
FileVersion: 1.8.3.11
InternalName: pc-repair-kit
LegalCopyright: Copyright © 2008-2018 Auslogics Labs Pty Ltd
LegalTrademarks: Copyright © 2008-2018 Auslogics Labs Pty Ltd
OriginalFilename: pcrepairkit_stub_installer.exe
ProductName: PCRepairKit
ProductVersion: 1.x
Comments: Part of TweakBit PC Repair Kit
Translation: 0x0409 0x04e4

Ulise.316789 also known as (detection engine: detection name):

Bkav: W32.Common.AE48FBF1
Lionic: Riskware.Win32.PCRepair.1!c
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Ulise.316789
FireEye: Generic.mg.2438b54ba71d9662
CAT-QuickHeal: Trojan.GenericPMF.S3143153
ALYac: Gen:Variant.Ulise.316789
Cylance: unsafe
VIPRE: Gen:Variant.Ulise.316789
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005329171 )
BitDefender: Gen:Variant.Ulise.316789
K7GW: Trojan ( 005329171 )
CrowdStrike: win/grayware_confidence_100% (W)
Arcabit: Trojan.Ulise.D4D575
Cyren: W32/Auslogics.D.gen!Eldorado
ESET-NOD32: a variant of Win32/Auslogics.A potentially unwanted
Cynet: Malicious (score: 100)
APEX: Malicious
Kaspersky: not-a-virus:Downloader.Win32.PCRepair.gen
ViRobot: Adware.Auslogics.542360.MA
Rising: PUF.Auslogics!1.AC47 (CLASSIC)
Emsisoft: Application.Downloader (A)
F-Secure: PotentialRisk.PUA/TweakBit.Gen7
DrWeb: Program.Unwanted.2486
TrendMicro: TROJ_GEN.R002C0PIS23
McAfee-GW-Edition: GenericRXSF-OQ!2438B54BA71D
Sophos: Generic Reputation PUA (PUA)
SentinelOne: Static AI – Malicious PE
Jiangmin: Downloader.Agent.eob
Webroot: Pua.Tweakbit.Pcrepairkit
Avira: PUA/TweakBit.Gen7
Antiy-AVL: GrayWare/Win32.Auslogics.a
Kingsoft: malware.kb.a.996
Xcitium: Application.Win32.Auslogics.AB@80idad
Microsoft: PUA:Win32/Auslogics
SUPERAntiSpyware: PUP.Tweakbit/Variant
ZoneAlarm: not-a-virus:Downloader.Win32.PCRepair.gen
GData: Win32.Application.Auslogics.C
Google: Detected
AhnLab-V3: PUP/Win32.Helper.R274389
McAfee: GenericRXSF-OQ!2438B54BA71D
MAX: malware (ai score=89)
DeepInstinct: MALICIOUS
VBA32: BScope.Downloader.Agent
Malwarebytes: Generic.Malware.AI.DDS
Panda: PUP/AuslogicsDriverUpdate
TrendMicro-HouseCall: TROJ_GEN.R002C0PIS23
Tencent: Malware.Win32.Gencirc.10bdf235
Yandex: Trojan.GenAsa!sc2SX+KfCU4
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Auslogics.A
AVG: Win32:PUP-gen [PUP]
Avast: Win32:PUP-gen [PUP]

How to remove Ulise.316789?

Ulise.316789 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
