
About “Ursu.179841” infection


Ursu.179841 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.179841 virus do?

  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs.

How to identify Ursu.179841?


File Info:

crc32: 611EA12B
md5: 6807c21576e2400158cab67a0b9aa71e
name: 6807C21576E2400158CAB67A0B9AA71E.mlw
sha1: 758709a3700c8b001d0ef424e7520abfaa87311f
sha256: d081081d5baa9699852ea3a55a748e0e2529e594a640e50949181c7bd0f92ab8
sha512: 750ba20c0a14fee0fa4d7f75407dcb403f6610af150f52fafec3656b8a10c4dea7ce6ac789476ea2cf3a7dc7162403c1f29ff3b3591398f1da291967edb7643f
ssdeep: 49152:FzbL0zzJsKJS1QJv8wBs7TdASKP+rTc82C1N:FzH0zzJsKwQ2wsfOP3M1N
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright 1984-2050 Windows Application. All rights reserved.
Assembly Version: 7.0.0.0
InternalName: Windows Application.exe
FileVersion: 7.0.0.0
CompanyName: Application Envato Downloader
LegalTrademarks:
Comments: Envato Downloader
ProductName: Windows Application
ProductVersion: 7.0.0.0
FileDescription: Windows Application
OriginalFilename: Windows Application.exe

Ursu.179841 is also known as:

DrWeb: Trojan.Coinstealer.2
CAT-QuickHeal: Trojan.GenericFC.S7081895
ALYac: Gen:Variant.Ursu.179841
Cylance: Unsafe
K7GW: Password-Stealer ( 004b9e741 )
K7AntiVirus: Password-Stealer ( 004b9e741 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/PSW.CoinStealer.W
APEX: Malicious
Avast: Win32:PWSX-gen [Trj]
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Trojan-Ransom.Win32.Generic
BitDefender: Gen:Variant.Ursu.179841
NANO-Antivirus: Trojan.Win32.Blocker.ebulvp
MicroWorld-eScan: Gen:Variant.Ursu.179841
Tencent: Win32.Trojan.Generic.Wmst
Ad-Aware: Gen:Variant.Ursu.179841
Sophos: Mal/Generic-S
Comodo: Malware@#3ghhdrfajakhc
BitDefenderTheta: Gen:NN.ZemsilF.34142.Un0@amBx8V
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TSPY_COINSTEAL.SM2
McAfee-GW-Edition: GenericRXEI-EZ!6807C21576E2
FireEye: Gen:Variant.Ursu.179841
Emsisoft: Gen:Variant.Ursu.179841 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.ccqst
Webroot: W32.Trojan.GenKD
Avira: HEUR/AGEN.1126347
Antiy-AVL: Trojan/Generic.ASMalwS.25F5EC7
Microsoft: Trojan:Win32/Skeeyah.A!rfn
GData: MSIL.Trojan.ClipBanker.C
McAfee: GenericRXEI-EZ!6807C21576E2
MAX: malware (ai score=96)
Malwarebytes: MachineLearning/Anomalous.100%
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TSPY_COINSTEAL.SM2
Rising: Spyware.ClipBanker!1.B627 (CLASSIC)
Ikarus: Trojan.MSIL.ClipBanker
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/CoinStealer.W!tr.pws
AVG: Win32:PWSX-gen [Trj]
Paloalto: generic.ml

How to remove Ursu.179841?

Ursu.179841 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
