How to remove “Ursu.430355”?

Ursu.430355 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.430355 virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify Ursu.430355?


File Info:

name: 25EB095EFF532D526537.mlw
path: /opt/CAPEv2/storage/binaries/a8d3d502276eb9da262769c1572c2bd55a153f3547f785f6bd07dfd70ec4ebc0
crc32: 1BF6F296
md5: 25eb095eff532d52653743a6cb94eaad
sha1: 56942c21ae78db81dad5a8b8e18f5557e3dd47c5
sha256: a8d3d502276eb9da262769c1572c2bd55a153f3547f785f6bd07dfd70ec4ebc0
sha512: 5dd890864f96edf0a0f2fa68d530aa7d4ae93ddf5be5b01c741e53dfebade6bd58874327c22d1fd260055dfd8d61a0bb5719f5801005e97acc373ac9bc57c095
ssdeep: 1536:vTVDYHW7AKsbVGYCGidlncXm5KpHF93MH3Xmh/y7hw3mBacUemg3h47:7VDY27AKsbVfac25K78O/yKLcUJSh47
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T108A33B243DEA5029F173EF715BE8B9D6DA6EF6A33A076C1E10800346461FA41DED1D3A
sha3_384: eaa3cf082a3da9297f3d5a824dc10c74e9bcf5984c0263be6f0a47f7856afb4d8dd26e3ee6480b2dd399b50ac489ecd8
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-12-08 08:58:40

Version Info:

Translation: 0x0000 0x04b0
FileDescription: hg
FileVersion: 1.0.0.0
InternalName: hg.exe
LegalCopyright: Copyright © 2021
OriginalFilename: hg.exe
ProductName: hg
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Ursu.430355 also known as:

Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
FireEye: Generic.mg.25eb095eff532d52
McAfee: Artemis!25EB095EFF53
CrowdStrike: win/malicious_confidence_90% (W)
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: UDS:Backdoor.MSIL.Bladabindi.gen
BitDefender: Gen:Variant.Ursu.430355
MicroWorld-eScan: Gen:Variant.Ursu.430355
Ad-Aware: Gen:Variant.Ursu.430355
Sophos: ML/PE-A
McAfee-GW-Edition: Artemis
Emsisoft: Gen:Variant.Ursu.430355 (B)
Avira: TR/Dropper.Gen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Gen:Variant.Ursu.430355
BitDefenderTheta: Gen:NN.ZemsilF.34084.gm0@aO97aCj
ALYac: Gen:Variant.Ursu.430355
MAX: malware (ai score=84)
TrendMicro-HouseCall: TROJ_GEN.R014H0CLA21
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: PossibleThreat
AVG: Win32:Malware-gen
Cybereason: malicious.eff532

How to remove Ursu.430355?

Ursu.430355 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
