What is “Ulise.375397 (B)”?

The Ulise.375397 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ulise.375397 (B) virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Ulise.375397 (B)?


File Info:
name: C2754DE3B02EB706E537.mlw
path: /opt/CAPEv2/storage/binaries/0013908a32906c9f40be886b698f6bc8915cbfb40486c3fec6c9924640c4501e
crc32: C6AB6BA9
md5: c2754de3b02eb706e53771ccb93566de
sha1: fa3e6f95eb763e9414d1ab3d29b61146cfa3597c
sha256: 0013908a32906c9f40be886b698f6bc8915cbfb40486c3fec6c9924640c4501e
sha512: fc6f6f310ceddddea19ddaf5697d1315bd33624c6eef15929c55df93209ec668277b8ae538d2d97114f650cf9f6b924dd83b7cd996cdc423d480fcfc21ed33c0
ssdeep: 24576:XUzNkyrbtjbGixC+PKH2I1iIWILtfOIJ+HKodCHPC0cF3u7P1+eWQ8f/x52vHNZQ:XUzeyQcS4DqodCnoe+iitjWw
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T129959E3794E09C7AF8757EF58346C29E72117888DE743E8902B56B7E1B38582F50E293
sha3_384: 05dc098e94108ba5d3f9ccdac1a650ebc18fd67bcb8fb2296f471f6a9be8ff93b0ccb3b9f77b26261ce56eb7909babb6
ep_bytes: 030000fffcdd4100130000ff18de4100
timestamp: 1992-06-19 22:22:17

Version Info:
0: [No Data]

Ulise.375397 (B) also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Cerbu.4!c
MicroWorld-eScan	Gen:Variant.Ulise.375397
FireEye	Generic.mg.c2754de3b02eb706
ALYac	Gen:Variant.Ulise.375397
Malwarebytes	Generic.Malware.AI.DDS
Zillya	Trojan.Injector.Win32.1606555
Sangfor	Trojan.Win32.Save.a
Alibaba	Trojan:Win32/Injector.701074d3
Cyren	W32/Injector.BAE.gen!Eldorado
Symantec	Trojan.Gen.2
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Injector.EDWU
APEX	Malicious
BitDefender	Gen:Variant.Ulise.375397
Emsisoft	Gen:Variant.Ulise.375397 (B)
VIPRE	Gen:Variant.Ulise.375397
McAfee-GW-Edition	BehavesLike.Win32.Generic.tm
Trapmine	malicious.moderate.ml.score
Sophos	Mal/Generic-S
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Ulise.375397
Google	Detected
MAX	malware (ai score=86)
Antiy-AVL	Trojan/Win32.Injector
Kingsoft	malware.kb.a.987
Arcabit	Trojan.Ulise.D5BA65
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
Acronis	suspicious
McAfee	Artemis!C2754DE3B02E
Cylance	unsafe
Rising	Trojan.Injector!8.C4 (TFE:2:Umn2LyRQLML)
Ikarus	Trojan.Agent
MaxSecure	Trojan.Malware.186099308.susgen
Fortinet	W32/Injector.EDWU!tr
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Ulise.375397 (B)?

Ulise.375397 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X