Ursu.125566 (file analysis)

Ursu.125566 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.125566 virus do?

  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz

How to identify Ursu.125566?

File Info:

crc32: A3A7711D
md5: 329783941caabcf96c76d610c2be9e16
name: 329783941CAABCF96C76D610C2BE9E16.mlw
sha1: 391115e8b57357d74eae2a7dfa4a850b2194b878
sha256: cf6f5647ba19437c16cfcda6ec30f9765db899bf91286a1be1807e4dbdffde74
sha512: e9135e2407ef6a302c6ed3afc29e3f6ec241ff8fafd88892262b56bde460c3d74340ae949bba20a10f6fbb578a01c79f916387b38340055431d551f091f1d7e6
ssdeep: 192:HDR5q1R5h0u3sNDlcvhQSqwhed8ywQm3mmfF8:zq1R5h0uAlcvZqwhQA3PfF
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2018
Assembly Version: 1.0.0.0
InternalName: WinServ.exe
FileVersion: 1.0.0.0
CompanyName:
LegalTrademarks:
Comments:
ProductName: WinServ
ProductVersion: 1.0.0.0
FileDescription: WinServ
OriginalFilename: WinServ.exe

Ursu.125566 also known as:

K7AntiVirus: Trojan ( 0052a4691 )
Lionic: Trojan.Win32.Generic.4!c
Cynet: Malicious (score: 99)
ALYac: Gen:Variant.Ursu.125566
Cylance: Unsafe
Alibaba: TrojanSpy:MSIL/BitCoin.77280c2f
K7GW: Trojan ( 0052a4691 )
Cybereason: malicious.41caab
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/ClipBanker.EX
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan-Spy.MSIL.BitCoin.ib
BitDefender: Gen:Variant.Ursu.125566
NANO-Antivirus: Trojan.Win32.ClipBanker.eyxeex
MicroWorld-eScan: Gen:Variant.Ursu.125566
Tencent: Msil.Trojan-spy.Bitcoin.Ljal
Ad-Aware: Gen:Variant.Ursu.125566
Sophos: Mal/Generic-S
Comodo: Malware@#14tutj5fq8fol
BitDefenderTheta: Gen:NN.ZemsilF.34126.am0@aGV6le
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_FRS.VSN0BC18
McAfee-GW-Edition: Artemis!Trojan
FireEye: Gen:Variant.Ursu.125566
Emsisoft: Gen:Variant.Ursu.125566 (B)
Avira: HEUR/AGEN.1114159
eGambit: Unsafe.AI_Score_98%
Antiy-AVL: Trojan/Generic.ASMalwS.24F6014
Microsoft: Backdoor:Win32/Bladabindi!ml
ZoneAlarm: Trojan-Spy.MSIL.BitCoin.ib
GData: Gen:Variant.Ursu.125566
AhnLab-V3: Trojan/Win32.ClipBanker.C3905680
McAfee: Artemis!329783941CAA
MAX: malware (ai score=95)
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_FRS.VSN0BC18
Yandex: TrojanSpy.BitCoin!Snhu2rYS028
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/ClipBanker.EX!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Ursu.125566?

Ursu.125566 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
