What is “Ursu.224197”?

Ursu.224197 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.224197 virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify Ursu.224197?

File Info:

name: 622EA2A6496080204D5E.mlw
path: /opt/CAPEv2/storage/binaries/1fce24c1288612528e34df23065960a93f51d0dee450d996b808611ff5c32ad7
crc32: F5FBB996
md5: 622ea2a6496080204d5eb79875b520c9
sha1: 21a4c1177facea22d48d95f70d247eb9c6f18272
sha256: 1fce24c1288612528e34df23065960a93f51d0dee450d996b808611ff5c32ad7
sha512: a084b736389e93508efcbce4b8e3c3b75b33254dd16da5938be4763ab5ae6e0f30d791a14c003d1a7a130974b92b62605566c89e054911a3efbad8354ecd77ce
ssdeep: 3072:qshH4YYT/XnwZuAEOpGoJ+nRq25p05z+2iZBxiOO28CmRQ4BxKCE/nEkwCetBzpp:5YnAGfRJ09RH0fOzbLSd4/R
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10564810832B887A1E63BA7F10D35C736037D796D6913D3583C83A5CE6963721CA96A37
sha3_384: a1293674ad0663bfeea4cda00989801f92b9ae99203fda812adc75506c34f74da75791114a18d3aa01bbd2b176b5fe70
ep_bytes: ff250020001100000000000000000000
timestamp: 2012-04-20 03:10:10

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 1.0.4492.39905
InternalName: Session.exe
LegalCopyright:
OriginalFilename: Session.exe
ProductVersion: 1.0.4492.39905
Assembly Version: 1.0.4492.39905

Ursu.224197 is also known as:

Bkav: W32.Common.0B029649
Lionic: Trojan.Win32.Presenoker.4!c
MicroWorld-eScan: Gen:Variant.Ursu.224197
FireEye: Gen:Variant.Ursu.224197
Skyhigh: BehavesLike.Win32.Generic.fm
McAfee: Artemis!622EA2A64960
Cylance: unsafe
Sangfor: PUP.Win32.Presenoker.Vc2f
Cynet: Malicious (score: 100)
BitDefender: Gen:Variant.Ursu.224197
Emsisoft: Gen:Variant.Ursu.224197 (B)
VIPRE: Gen:Variant.Ursu.224197
Varist: W32/ABRisk.CTEK-2740
Antiy-AVL: GrayWare/Win32.Presenoker
Microsoft: PUA:Win32/Presenoker
Arcabit: Trojan.Ursu.D36BC5
GData: Gen:Variant.Ursu.224197
Google: Detected
ALYac: Gen:Variant.Ursu.224197
MAX: malware (ai score=88)
Malwarebytes: MachineLearning/Anomalous.96%
TrendMicro-HouseCall: TROJ_GEN.R002H09L623
Rising: PUA.Presenoker!8.F608 (CLOUD)
MaxSecure: Trojan.Malware.74710437.susgen

How to remove Ursu.224197?

Ursu.224197 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
