Ursu.440577 information

Ursu.440577 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.440577 virus do?

  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify Ursu.440577?


File Info:

name: DA6AD06A6820C69B1D5E.mlw
path: /opt/CAPEv2/storage/binaries/234754143607e7c767c3a23a7aaa618988c0a0a6e92a4ed9763072b34e230906
crc32: 97DB5B04
md5: da6ad06a6820c69b1d5ea8d9c723f83d
sha1: 4f81b00c2795f93c5fec1c1671c48e19c4a7143d
sha256: 234754143607e7c767c3a23a7aaa618988c0a0a6e92a4ed9763072b34e230906
sha512: 9a20374bf2cfd072a468c061faa77b0064ef4c159e37c8f035aa146645ca4acd62dc1a549cbffaa0bd3e200412c7960fb492f077a9ed9e5990dbbf4d09bd2d59
ssdeep: 3072:IAdihyDh+wecP6EAxf51BDvPgT5hXDR/c4M/NSPvTx1uBs0gBdx+VUURb/:JDh/rC5ohXt/lMlSP0vg9+mUR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E7342B1FFA6AA740C6584733C4D7D52443B3EE527A23E62B3985378A0E337AECD45948
sha3_384: 1a398e1ca7595c3cf06987a699b2047a7d7e9935da5e9e6c9d95655bb05228a8a899fb2182781b3cdf2a74d08b2bfa2e
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-07-04 19:54:51

Version Info:

Translation: 0x0000 0x04b0
FileDescription: Windows
FileVersion: 1.0.0.0
InternalName: Windows.exe
LegalCopyright: Copyright © 2022
OriginalFilename: Windows.exe
ProductName: Windows
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Ursu.440577 also known as:

Bkav: W32.AIDetectNet.01
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Ursu.440577
FireEye: Generic.mg.da6ad06a6820c69b
McAfee: RDN/Generic.grp
Cylance: Unsafe
K7AntiVirus: Trojan ( 005179761 )
K7GW: Trojan ( 005179761 )
Cybereason: malicious.a6820c
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Kryptik.KZA
APEX: Malicious
Kaspersky: HEUR:Trojan-Downloader.MSIL.Snoload.gen
BitDefender: Gen:Variant.Ursu.440577
Avast: Win32:CrypterX-gen [Trj]
Ad-Aware: Gen:Variant.Ursu.440577
Emsisoft: Gen:Variant.Ursu.440577 (B)
VIPRE: Gen:Variant.Ursu.440577
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S
Ikarus: Trojan.MSIL.Crypt
GData: Gen:Variant.Ursu.440577
Avira: TR/Dropper.MSIL.Gen
Arcabit: Trojan.Ursu.D6B901
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZemsilF.34786.pm0@am9Aykk
ALYac: Gen:Variant.Ursu.440577
MAX: malware (ai score=88)
VBA32: Malware-Cryptor.MSIL.AgentTesla.Heur
Rising: Trojan.Generic/MSIL@AI.90 (RDM.MSIL:In5tdOGfcm4og6rXHRD9qw)
SentinelOne: Static AI – Malicious PE
Fortinet: PossibleThreat.PALLAS.H
AVG: Win32:CrypterX-gen [Trj]
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Ursu.440577?

Ursu.440577 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
