About “Ulise.474674” infection

The Ulise.474674 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ulise.474674 virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Binary file triggered YARA rule

How to determine Ulise.474674?


File Info:
name: CE484CA6F35DEE6BD3EA.mlw
path: /opt/CAPEv2/storage/binaries/c90e19d4caf166b6632e9482d22705535453da44d47aaff63d43f0361fe99515
crc32: 4A69FCFB
md5: ce484ca6f35dee6bd3ea264ec924b1df
sha1: 4d9c5fa2d7aa88e462564b33c42019ada56e7c1c
sha256: c90e19d4caf166b6632e9482d22705535453da44d47aaff63d43f0361fe99515
sha512: c96b86bfa5f96b3b00a2b4c8a18b09ae2a0f86f3e8c2b8d79ab4bb43f7f38d34cc0ff4b0de18100e505e4a3b1781f3aae4b111784c53e2fd85466dc09844c260
ssdeep: 24576:vBF6727itqTgtkFKifDqsj+nCGUtCPQJU7GbTBLSMq:rSUCCz+Gbe
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AA250141CEAB50F5C61B213051ABA72F66212B491F38EDEBC3C41D86D3A7FF1113666A
sha3_384: 1d8888d8478a1bc876f8d36075d3cf1cb48d4dd37fd1c8d3b47ff43f43be4ed4f9c0a14d28b0ca8fd774067db1679021
ep_bytes: 77544278484765734c4259446e686350
timestamp: 1970-01-01 00:00:00

Version Info:
0: [No Data]

Ulise.474674 also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Gen:Variant.Ulise.474674
Skyhigh	BehavesLike.Win32.Generic.dh
McAfee	GenericRXNR-AT!CE484CA6F35D
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
Symantec	Packed.Generic.551
APEX	Malicious
ClamAV	Win.Malware.Eati-7331641-0
BitDefender	Gen:Variant.Ulise.474674
SUPERAntiSpyware	Trojan.Agent/Gen-Kryptik
Sophos	Troj/Miner-ABH
Google	Detected
DrWeb	Trojan.PWS.Banker1.30278
FireEye	Generic.mg.ce484ca6f35dee6b
Emsisoft	Gen:Variant.Ulise.474674 (B)
Ikarus	Trojan.Win64.CoinMiner
Varist	W32/S-8f4e9221!Eldorado
Antiy-AVL	Trojan/Win32.AGeneric
Kingsoft	malware.kb.a.965
Microsoft	HackTool:Win32/CobaltStrike!pz
Xcitium	TrojWare.Win32.TrojanDownloader.Banload.RES@8hfp75
Arcabit	Trojan.Ulise.D73E32
GData	Gen:Variant.Ulise.474674
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Banload.C3470781
Acronis	suspicious
VBA32	TrojanPSW.Banker
ALYac	Gen:Variant.Ulise.474674
MAX	malware (ai score=84)
Rising	Trojan.Generic@AI.100 (RDML:kkZXqyd3Blf0g4cK3pdcWg)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Agent.7267!tr

How to remove Ulise.474674?

Ulise.474674 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X