Ursu.219763 malicious file

The Ursu.219763 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ursu.219763 virus can do?

Dynamic (imported) function loading detected
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Ursu.219763?


File Info:
name: AA2E6AAFE32AA46D64EC.mlw
path: /opt/CAPEv2/storage/binaries/98caae6249b88237da47309dc5bc34b816669bf2cc1786d85ac37d8b6da4bdb3
crc32: D46A2B24
md5: aa2e6aafe32aa46d64ecb5aaac811594
sha1: 7516d20f6bc874294c1c37c762d07af30b4b7600
sha256: 98caae6249b88237da47309dc5bc34b816669bf2cc1786d85ac37d8b6da4bdb3
sha512: 10b987a09e98b7b184a972e36f1d3a83707d27be12b8e3a87062b54969ed956b4fe6fe800c85f56e4083f65f15a5af50a2a2360832a70dcc0fdd72e64bf7aa01
ssdeep: 6144:1KhhJS1IJyE/HBXw/KWB0QZ/oQt92Y2EtaKHEJWcv:1KhhGIJyE/Hhwy+0+/0EmWk
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T151748DD172ADCA2BD5AA72F56F2110B50AF5ED121101E78A2EF4348D2DB2B4FCD50A4F
sha3_384: fe212d828e42127a74902785e1ad3e806af4f527e3bb610477d7bde22971ad2b1682ebddb5b4dd25ed0cf83cc75bd1ae
ep_bytes: ff250020400000000000000000000000
timestamp: 2017-08-15 13:10:47

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 1.0.0.0
InternalName: OneDriveMapper_v3.11.exe
LegalCopyright:  
OriginalFilename: OneDriveMapper_v3.11.exe
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Ursu.219763 also known as:

MicroWorld-eScan	Gen:Variant.Ursu.219763
FireEye	Gen:Variant.Ursu.219763
McAfee	Artemis!AA2E6AAFE32A
Cylance	Unsafe
Zillya	Trojan.GenericKD.Win32.213546
Sangfor	Trojan.Win32.Occamy.C
Alibaba	Trojan:Win32/Generic.9dbc1ab4
Cybereason	malicious.fe32aa
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Ursu.219763
Avast	Win32:Malware-gen
Ad-Aware	Gen:Variant.Ursu.219763
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R002C0WIG21
McAfee-GW-Edition	Artemis
Emsisoft	Gen:Variant.Ursu.219763 (B)
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Ursu.219763
Jiangmin	Trojan.Generic.bkfrv
Antiy-AVL	Trojan/Generic.ASMalwS.21E67BE
ViRobot	Trojan.Win32.Z.Ursu.348672.D
Microsoft	Trojan:Win32/Occamy.C98
AhnLab-V3	Trojan/Win32.Occamy.C2835766
ALYac	Gen:Variant.Ursu.219763
MAX	malware (ai score=100)
TrendMicro-HouseCall	TROJ_GEN.R002C0WIG21
Tencent	Win32.Trojan.Generic.Lmaw
Yandex	Trojan.Agent!LJOIMVZVnds
Fortinet	W32/Generic!tr
AVG	Win32:Malware-gen
Panda	Trj/CI.A
MaxSecure	Trojan.Malware.300983.susgen

How to remove Ursu.219763?

Ursu.219763 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X