About “Ursu.288807” infection

Ursu.288807 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.288807 virus do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

How to identify Ursu.288807?


File Info:

crc32: FFF2C088
md5: 9ab191059cf87b50d5f984970710141c
name: 9AB191059CF87B50D5F984970710141C.mlw
sha1: e0e3a803b7bbccdec9becc8dc57c0704181cae20
sha256: 5fe6f75e29844187556e08a3744eab305ef7ec4134661d7812f0d5dae80fcdb1
sha512: e7bef5c0efd240eb24f75a02543184ce688edabcae2d23d4912396440e38720dfe47e3fcf3f098097a7f2e1cea41b2456792e7268dad889854e77fc30d8409cb
ssdeep: 49152:4XFxSFRK/hlD1NE692AqkeSxy36GtdGpXBeK:41xSjElDzZ9/y1zIXBe
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Murad Ismayilov © 2007-2017
Assembly Version: 2.34.2.0
InternalName: ABClient.exe
FileVersion: 2.34.2.0
CompanyName:
LegalTrademarks:
Comments: Smartclient for Neverlands.ru
ProductName:
ProductVersion: 2.34.2.0
FileDescription: ABClient
OriginalFilename: ABClient.exe

Ursu.288807 also known as:

Lionic: Trojan.MSIL.Generic.4!c
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Ursu.288807
Cylance: Unsafe
Zillya: Trojan.GenericKD.Win32.193993
Sangfor: Trojan.MSIL.Generic.ky
Alibaba: TrojanSpy:MSIL/Generic.cea6bf63
Cybereason: malicious.59cf87
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: HEUR:Trojan-Spy.MSIL.Generic
BitDefender: Gen:Variant.Ursu.288807
MicroWorld-eScan: Gen:Variant.Ursu.288807
Tencent: Msil.Trojan-spy.Generic.Hwmj
Ad-Aware: Gen:Variant.Ursu.288807
Sophos: Mal/Generic-S
Comodo: Malware@#1hy7grsw60b4p
BitDefenderTheta: Gen:NN.ZemsilF.34266.vo0@aaZTmzg
McAfee-GW-Edition: BehavesLike.Win32.Generic.vc
FireEye: Generic.mg.9ab191059cf87b50
Emsisoft: Gen:Variant.Ursu.288807 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanSpy.MSIL.ysn
Avira: TR/Dropper.MSIL.stlrh
eGambit: Unsafe.AI_Score_100%
Microsoft: Backdoor:Win32/Bladabindi!ml
Arcabit: Trojan.Ursu.D46827
GData: Gen:Variant.Ursu.288807
McAfee: Artemis!9AB191059CF8
Malwarebytes: MachineLearning/Anomalous.100%
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Generic!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Ursu.288807?

Ursu.288807 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
