Ursu.275822 (file analysis)

The Ursu.275822 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ursu.275822 virus can do?

The binary likely contains encrypted or compressed data.
Anomalous binary characteristics

How to determine Ursu.275822?


File Info:
crc32: BA1E181D
md5: 14fa691f4a1571adc4ed914fa8981f49
name: 14FA691F4A1571ADC4ED914FA8981F49.mlw
sha1: b7074eef8727c890bae6bc571decef2d23c8e850
sha256: 43c85749b29f5abc673feea8cde029905371d0a69f1fe0bc79665a89994c39fe
sha512: b50f70748fd5d7224847701ee659402f17dada1a55557bffd988eac49a3c7901522f07d8f4969683b2d074dbe255c1a22dfd0ecd282cf71408b6f1b060e7f4f0
ssdeep: 3072:ffcFjx1lHG26MwRLkad7coFQlc+JNQNYeVTQ5ANS6zRNieBNwoOopW:ffKJDwWaZZqZJSlpQ5ANS631xOo
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Ursu.275822 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 00516fdf1 )
Elastic	malicious (high confidence)
DrWeb	Trojan.PWS.Stealer.23869
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Ursu.275822
Cylance	Unsafe
Zillya	Trojan.GenericKD.Win32.161124
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_90% (D)
Alibaba	Trojan:Win32/Generic.5868f4e5
K7GW	Trojan ( 00516fdf1 )
Cybereason	malicious.f4a157
Symantec	Trojan.Gen.2
ESET-NOD32	a variant of Generik.JQPTIVZ
APEX	Malicious
Avast	Win32:Malware-gen
BitDefender	Gen:Variant.Ursu.275822
NANO-Antivirus	Trojan.Win32.Kryptik.fgwvyh
MicroWorld-eScan	Gen:Variant.Ursu.275822
Tencent	Win32.Trojan.Symmi.Eaec
Ad-Aware	Gen:Variant.Ursu.275822
Comodo	TrojWare.Win32.PSW.Coins.KA@7tbl0j
BitDefenderTheta	Gen:NN.ZexaF.34758.nuW@aWhWzV
FireEye	Generic.mg.14fa691f4a1571ad
Emsisoft	Gen:Variant.Ursu.275822 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.PSW.Coins.auh
Avira	HEUR/AGEN.1119074
eGambit	Unsafe.AI_Score_99%
Microsoft	Trojan:Win32/Occamy.C
AegisLab	Trojan.Win32.Generic.4!c
GData	Win32.Trojan-Ransom.GandCrab.N
TACHYON	Trojan-PWS/W32.Coins.220672
AhnLab-V3	Win-Trojan/Gandcrab08.Exp
Acronis	suspicious
McAfee	Trojan-FPYT!14FA691F4A15
MAX	malware (ai score=99)
VBA32	BScope.Trojan.Vigorf
Malwarebytes	Malware.AI.820234642
Panda	Trj/GdSda.A
Rising	Trojan.Kryptik!1.B5F8 (CLASSIC)
Yandex	Trojan.GenAsa!BZmnrXP5JXI
Ikarus	Trojan.Crypt
Fortinet	W32/Kryptik.GKJF!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Ursu.275822?

Ursu.275822 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X