Ursu.286562 (B) removal tips

The Ursu.286562 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ursu.286562 (B) virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Ursu.286562 (B)?


File Info:
name: 72AEF2ED0469DC1EC439.mlw
path: /opt/CAPEv2/storage/binaries/04e87c1fbdadabe38f032b9e9eccbe83bcab379be1c40144a2c2a12e316789ac
crc32: E52EB294
md5: 72aef2ed0469dc1ec43973255af73d76
sha1: a89c05171406cd9d30ecbd0a5322e33c73dab69e
sha256: 04e87c1fbdadabe38f032b9e9eccbe83bcab379be1c40144a2c2a12e316789ac
sha512: 8ce601ea7d97f0b34bb00da5154269b11e9bb59525ab29b382e62c0c7e105b40fc0b2a56942a3086d79fe0c69b80ed41fd8ed7f467ef5f6a7b0cea6e9cba0de0
ssdeep: 384:djKDw63dGLHc/6UqmLGL7LKL6LMffq8fZkUBYH+i+lAgCjKKFpsLwpN+60cMuHqg:dM3wmS/WGdqF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T146633D03165DC6FBC92E0A3A18F341193721C39E1F268D5DA98CB01EFAA55176D43BEC
sha3_384: 67a7187d23d6f84230c0ec97b48c6486778e112208a031e32f88d508b40bcb41d3b9c073b184199c3eca2a30c19b0d4d
ep_bytes: ff250020400000000000000000000000
timestamp: 2041-09-24 19:45:53

Version Info:
Translation: 0x0000 0x04b0
Comments: Java(TM) Platform SE binary
CompanyName: Oracle Corporation
FileDescription: Java(TM) Platform SE binary
FileVersion: 8.0.3110.11
InternalName: Netflix checker.exe
LegalCopyright: Copyright © 2021
LegalTrademarks: 
OriginalFilename: Netflix checker.exe
ProductName: Java(TM) Platform SE 8
ProductVersion: 8.0.3110.11
Assembly Version: 8.0.3110.11

Ursu.286562 (B) also known as:

Lionic	Trojan.MSIL.Injects.4!c
MicroWorld-eScan	Gen:Variant.Ursu.286562
FireEye	Gen:Variant.Ursu.286562
ALYac	Gen:Variant.Ursu.286562
Malwarebytes	MachineLearning/Anomalous.97%
CrowdStrike	win/malicious_confidence_60% (W)
Alibaba	Trojan:MSIL/Injects.31ad993c
K7GW	Trojan-Downloader ( 0058b1301 )
K7AntiVirus	Trojan-Downloader ( 0058b1301 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.JPR
APEX	Malicious
Kaspersky	HEUR:Trojan.MSIL.Injects.gen
BitDefender	Gen:Variant.Ursu.286562
Avast	Win32:KeyloggerX-gen [Trj]
Ad-Aware	Gen:Variant.Ursu.286562
Emsisoft	Gen:Variant.Ursu.286562 (B)
TrendMicro	TROJ_GEN.R002C0PLB21
McAfee-GW-Edition	RDN/Generic Downloader.x
Sophos	Mal/Generic-S
SentinelOne	Static AI – Suspicious PE
MAX	malware (ai score=84)
Antiy-AVL	Trojan/Generic.ASMalwS.34E705D
Gridinsoft	Ransom.Win32.Sabsik.sa
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Gen:Variant.Ursu.286562
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Gen.Generic.C4814310
McAfee	RDN/Generic Downloader.x
Tencent	Msil.Trojan.Injects.Ahfa
Ikarus	Trojan-Spy.Agent
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.JPR!tr.dldr
BitDefenderTheta	Gen:NN.ZemsilF.34084.em0@aiBmhFp
AVG	Win32:KeyloggerX-gen [Trj]
Cybereason	malicious.d0469d
Panda	Trj/GdSda.A

How to remove Ursu.286562 (B)?

Ursu.286562 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X