Malware

Ursu.11383 information

Malware Removal

The Ursu.11383 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What Ursu.11383 virus can do?

  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to determine Ursu.11383?


File Info:

crc32: E131CA93
md5: 344f89e873e581c72f929acc1c6bf507
name: 344F89E873E581C72F929ACC1C6BF507.mlw
sha1: 630d7e77e3f97771e8f217ca9395d469ca9ed93d
sha256: d7248b47f44806c436c0b893ca5fd16ba135d47f7fa9eb88e6ff3ae7e3228111
sha512: 2c2d4b24c194c0c3c4d266d8e4a4aa5be8b74dd3d454ca697b6b94ad47eac7da08e56d1b95501fa50a46fad4ab81c7c2c689471759cefa4407437dbfe3da3728
ssdeep: 49152:vtBcv14+VjKZAv75pa9SvAbIsvoFvFTslitzUkZYEuisJcCHGfU7g:PA1FjKZG7u9SvAbIEoFvFTOkZYGycCH
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: TODO: (c) . All rights reserved.
InternalName: Patch.exe
FileVersion: 1.0.0.1
CompanyName: TODO:
ProductName: TODO:
ProductVersion: 1.0.0.1
FileDescription: Patch
OriginalFilename: Patch.exe
Translation: 0x0409 0x04b0

Ursu.11383 also known as:

K7AntiVirusTrojan ( 7000001c1 )
ALYacGen:Variant.Ursu.11383
CylanceUnsafe
ZillyaAdware.Amonetize.Win32.43451
CrowdStrikewin/malicious_confidence_60% (W)
K7GWTrojan ( 7000001c1 )
Cybereasonmalicious.873e58
BaiduWin32.Packed.VMProtect.a
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Packed.VMProtect.ABD
APEXMalicious
AvastWin32:Malware-gen
BitDefenderGen:Variant.Ursu.11383
NANO-AntivirusRiskware.Win32.Amonetize.elgxuq
MicroWorld-eScanGen:Variant.Ursu.11383
TencentMalware.Win32.Gencirc.10b24ae9
Ad-AwareGen:Variant.Ursu.11383
BitDefenderThetaGen:NN.ZexaF.34686.Kv0@aeRt5Cdj
McAfee-GW-EditionBehavesLike.Win32.Dropper.th
FireEyeGeneric.mg.344f89e873e581c7
EmsisoftGen:Variant.Ursu.11383 (B)
JiangminAdWare.Amonetize.aorj
MicrosoftTrojan:Script/Phonzy.A!ml
GridinsoftTrojan.Win32.Packed.vb!s1
GDataGen:Variant.Ursu.11383
McAfeeArtemis!344F89E873E5
MAXmalware (ai score=87)
VBA32AdWare.Amonetize
MalwarebytesMalware.AI.3667940339
PandaTrj/GdSda.A
RisingTrojan.Bitrep!8.F596 (RDMK:cmRtazo/+1ZofOkQOX1j5VVLEDjW)
FortinetW32/Generic.AC.35B42B!tr
AVGWin32:Malware-gen

How to remove Ursu.11383?

Ursu.11383 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment