What is “Ursu.542055”?

Malware Removal

Ursu.542055 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.542055 virus do?

  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)

How to identify Ursu.542055?


File Info:

crc32: E5BD3DF6
md5: 850a2c4c72851384888651d865492a92
name: 850A2C4C72851384888651D865492A92.mlw
sha1: bb99c768b33fa998d2539b602e61636b3d5414a5
sha256: 6fa517879c4ee4f4bbb20ce5882fff70fc031cc07c575527a1f3bf070dbe630c
sha512: 24f2127ec844a8eb736c8d94e9291f001e879faa92d54bc68233d6fca1c8c87e1f6e5fe9bf3cf75b329e3b4a1f74b388020aca041d03667460b6f153108637d6
ssdeep: 6144:hD4sxbPQAnzcD0GnUGBbnwFER1O4Z389kG9BmWTB8rStM:hp9PdnzPGnUGFnwyjO4ZsSG9BmWT1
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2014 - 2015 Funshion All Rights Reserved
InternalName: Donovan.dll
FileVersion: 3.0.0.5
CompanyName: 北京风行在线技术有限公司
ProductName: Donovan
ProductVersion: 3.0.0.5
FileDescription: Donovan
OriginalFilename: Donovan.dll
Translation: 0x0804 0x04b0

Ursu.542055 is also known as:

Elastic: malicious (high confidence)
CAT-QuickHeal: Trojan.Ursu
ALYac: Gen:Variant.Ursu.542055
Cylance: Unsafe
Sangfor: Riskware.Win32.SpikeAex.rhh_pid
CrowdStrike: win/malicious_confidence_60% (D)
BitDefender: Gen:Variant.Ursu.542055
K7GW: Adware ( 004feb8b1 )
K7AntiVirus: Adware ( 004feb8b1 )
ESET-NOD32: a variant of Win32/Funshion.A potentially unwanted
APEX: Malicious
Cynet: Malicious (score: 85)
Kaspersky: not-a-virus:HEUR:Downloader.Win32.Funshion.gen
Alibaba: Downloader:Win32/Funshion.6a69c871
NANO-Antivirus: Trojan.Win32.Funshion.evwwcl
MicroWorld-eScan: Gen:Variant.Ursu.542055
Ad-Aware: Gen:Variant.Ursu.542055
Comodo: ApplicUnwnt@#1luc6xo80fbfi
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: Artemis
FireEye: Gen:Variant.Ursu.542055
Emsisoft: Gen:Variant.Ursu.542055 (B)
SentinelOne: Static AI – Suspicious PE
Webroot: Pua.Funshion
Avira: HEUR/AGEN.1107662
eGambit: Unsafe.AI_Score_100%
Microsoft: PUA:Win32/Presenoker
Gridinsoft: Adware.Funshion.vl!c
Arcabit: Trojan.Ursu.D84567
AegisLab: Riskware.Win32.Generic.1!c
ZoneAlarm: not-a-virus:HEUR:Downloader.Win32.Funshion.gen
GData: Gen:Variant.Ursu.542055
McAfee: Artemis!850A2C4C7285
MAX: malware (ai score=99)
VBA32: Downloader.Funshion
Malwarebytes: PUP.Optional.Funshion
TrendMicro-HouseCall: TROJ_GEN.R002H0CAQ21
Yandex: Trojan.GenAsa!LvJDn9Fwx0U
Ikarus: PUA.Funshion
Fortinet: Riskware/Funshion

How to remove Ursu.542055?

Ursu.542055 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.