Ursu.387828 information

Ursu.387828 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.387828 virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Harvests cookies for information gathering

How to identify Ursu.387828?


File Info:

name: 54CDA709E1317413ECD9.mlw
path: /opt/CAPEv2/storage/binaries/abbaadcbf12e30ecff30663eae8b799b48ef3a0c93843e4c1df13f26fd1b82e7
crc32: 2EA8DA08
md5: 54cda709e1317413ecd92b47c5469191
sha1: 0a9f0990907fdd55e3da1be98300da5f18a305fb
sha256: abbaadcbf12e30ecff30663eae8b799b48ef3a0c93843e4c1df13f26fd1b82e7
sha512: c5d35fd871e177f4568022ec4ba955d10e0a6896e18e217075f88f6a609fed9e8a29c0b2032813c26e789292fc673d4dabcebba3190a21b97b1e0d5c7930c77a
ssdeep: 768:XTluiBooWwuJTkTtz495wpltSi3bD7z2AefsAc6i:JprWXwb3bDX2AH
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12133F812337C5127C7AD8AFB1471A302137AA62A6617F78C4CC265AE6DB77136B40F93
sha3_384: 73f133788af3e7285c2e985723fd30e09d7a43153b6ed00c87c959fb45e756d1b3a6bdc34f36fda70b136eaef0b584fa
ep_bytes: ff250020400000000000000000000000
timestamp: 2012-12-04 10:26:05

Version Info:

Translation: 0x0000 0x04b0
CompanyName: Microsoft
FileDescription: taskmgr
FileVersion: 1.0.0.0
InternalName: taskmgr.exe
LegalCopyright: Copyright © Microsoft 2012
OriginalFilename: taskmgr.exe
ProductName: taskmgr
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Ursu.387828 also known as:

Bkav: W32.Common.7DE33C3E
Lionic: Trojan.Win32.Kazy.4!c
MicroWorld-eScan: Gen:Variant.Ursu.387828
FireEye: Gen:Variant.Ursu.387828
Cylance: Unsafe
Zillya: Trojan.Genome.Win32.231427
K7AntiVirus: Trojan ( 0056fe471 )
Alibaba: Trojan:MSIL/Generic.64351425
K7GW: Trojan ( 0056fe471 )
Cybereason: malicious.9e1317
BitDefenderTheta: Gen:NN.ZemsilF.34606.dm0@ayIIoUb
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of MSIL/TrojanClicker.Agent.NAY
Paloalto: generic.ml
BitDefender: Gen:Variant.Ursu.387828
NANO-Antivirus: Trojan.Win32.Agent.behxms
Avast: MSIL:Agent-OS [Trj]
Tencent: Win32.Trojan.Downloader.Swvd
Ad-Aware: Gen:Variant.Ursu.387828
Emsisoft: Gen:Variant.Ursu.387828 (B)
Comodo: Malware@#14qrr2jkv1p8g
F-Secure: Trojan.TR/Downloader.Gen
VIPRE: Gen:Variant.Ursu.387828
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Ursu.387828
Google: Detected
Avira: TR/Downloader.Gen
Arcabit: Trojan.Ursu.D5EAF4
Microsoft: Trojan:Win32/Wacatac.B!ml
VBA32: Trojan.MSIL.gen.a.5
ALYac: Gen:Variant.Ursu.387828
MAX: malware (ai score=83)
Malwarebytes: Generic.Malware/Suspicious
Rising: Trojan.Clicker-Agent!8.13 (CLOUD)
Ikarus: Trojan.MSIL.TrojanClicker
MaxSecure: Trojan.Malware.74459525.susgen
Fortinet: MSIL/TrojanClicker_Agent.NAY
AVG: MSIL:Agent-OS [Trj]
Panda: Trj/Agent.MIZ

How to remove Ursu.387828?

Ursu.387828 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
