Ursu.307765 removal tips

Ursu.307765 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.307765 virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Ursu.307765?


File Info:

name: 27B020E006760A9AA2F1.mlw
path: /opt/CAPEv2/storage/binaries/ddfec43b0e13493406160cae109ba1594284e87bb2743307580bd15eb7a0d8f0
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2089-07-19 15:53:46

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: ForceOP
FileVersion: 1.0.0.0
InternalName: ForceOP.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: ForceOP.exe
ProductName: ForceOP
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Ursu.307765 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Ursu.307765
FireEye: Generic.mg.27b020e006760a9a
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_80% (D)
Arcabit: Trojan.Ursu.D4B235
BitDefenderTheta: Gen:NN.ZemsilF.34084.Hm3@aW0FK9h
Cyren: W32/MSIL_Kryptik.FIG.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.DGL
Kaspersky: HEUR:Backdoor.MSIL.Crysan.gen
BitDefender: Gen:Variant.Ursu.307765
Ad-Aware: Gen:Variant.Ursu.307765
Sophos: ML/PE-A
SentinelOne: Static AI – Malicious PE
Emsisoft: Gen:Variant.Ursu.307765 (B)
Avira: TR/Dropper.Gen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Gen:Variant.Ursu.307765
Cynet: Malicious (score: 100)
APEX: Malicious
MAX: malware (ai score=89)
Fortinet: MSIL/Agent.CWW!tr.dldr
Cybereason: malicious.006760

How to remove Ursu.307765?

Ursu.307765 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
