Should I remove “Ulise.474655 (B)”?

The Ulise.474655 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ulise.474655 (B) virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Binary file triggered YARA rule

How to determine Ulise.474655 (B)?


File Info:
name: 98FD908AE46292AA183E.mlw
path: /opt/CAPEv2/storage/binaries/ed12660cce88aeb73421b8ee9af4b088c57b07067fad3dab1ba13e2cccae3155
crc32: EE1A56B2
md5: 98fd908ae46292aa183e123372d14fde
sha1: 5533004cdafc1c1877173d3ae20a366ad97fae53
sha256: ed12660cce88aeb73421b8ee9af4b088c57b07067fad3dab1ba13e2cccae3155
sha512: fd8839bfc2d765fd1d35c2375802e03b174b4f12183a39ec9aa8830100aa66c2b7600e545d0e8d9c32f5cdfaf3ee370d3ed5276b91f2f3c885cf18a12e49be95
ssdeep: 24576:vBF6727ZvhwoONE6phFrMiBsQVWGoPN966xBx3EaI2kl+l9:rFD2P6QV8NcYXkM9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DF350150CEAB54B5C61B6070582B9B3F662227091F38EDCBC3D41E8AD75AFF11073A69
sha3_384: 06eb93c38e5c56a92081d721703d18f107bc9d26b8f59a0458f5cca6e20066382be8a70fac78b922160d9cc70da0313e
ep_bytes: 6f47624a4748656f7666764543435650
timestamp: 1970-01-01 00:00:00

Version Info:
0: [No Data]

Ulise.474655 (B) also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Gen:Variant.Ulise.474655
FireEye	Generic.mg.98fd908ae46292aa
Skyhigh	BehavesLike.Win32.Generic.th
McAfee	GenericRXNR-AT!98FD908AE462
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Symantec	Packed.Generic.551
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Gen:Variant.Ulise.474655
SUPERAntiSpyware	Trojan.Agent/Gen-Kryptik
Sophos	Troj/Miner-ABH
DrWeb	Trojan.PWS.Banker1.30278
VIPRE	Gen:Variant.Ulise.474655
Emsisoft	Gen:Variant.Ulise.474655 (B)
Ikarus	Trojan.Win64.CoinMiner
GData	Gen:Variant.Ulise.474655
Google	Detected
MAX	malware (ai score=87)
Antiy-AVL	Trojan/Win32.AGeneric
Kingsoft	malware.kb.a.968
Xcitium	TrojWare.Win32.TrojanDownloader.Banload.RES@8hfp75
Arcabit	Trojan.Ulise.D73E1F
Microsoft	HackTool:Win32/CobaltStrike!pz
Varist	W32/S-8f4e9221!Eldorado
AhnLab-V3	Trojan/Win32.Banload.C3470781
Acronis	suspicious
VBA32	TrojanPSW.Banker
ALYac	Gen:Variant.Ulise.474655
TrendMicro-HouseCall	TROJ_GEN.R03BH0CCL24
Rising	HackTool.CobaltStrike!8.1216E (TFE:3:rrmzPDyxX0H)
SentinelOne	Static AI – Malicious PE
Fortinet	W32/Agent.7267!tr
alibabacloud	Trojan:Win/CoinMiner.UXW

How to remove Ulise.474655 (B)?

Ulise.474655 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X