Ursu.583139 malicious file

Ursu.583139 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Ursu.583139 virus do?

  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Ursu.583139?


File Info:

name: EE727E2C13197F9B13CE.mlw
path: /opt/CAPEv2/storage/binaries/bc0921888fceae80c97b7d285c9f8775b1817b1fbe2b96693d45cb32b2724d8b
crc32: F3DF8DB7
md5: ee727e2c13197f9b13ce7f46d20a8af4
sha1: 151de26ba8c9033b80d7d5536c844100e3982c2b
sha256: bc0921888fceae80c97b7d285c9f8775b1817b1fbe2b96693d45cb32b2724d8b
sha512: 41297bd527589798cc722c5707defc9c62a0214d4942c4073ce4a891d06747a35786dede0adbc5a324efe23ca08c955c2eacef962e8e7420135939419094be62
ssdeep: 3072:jkKubQ2E7TQbMy22Zy22V+g25I0cYYQx:j5u27TQbw2l2V
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1ADD3CF2DADBAC7F0C9FFAB3454E16B01137B8D51A743C78EBD58A0DEBD231488A82515
sha3_384: 409899788fb108582eac0fc6d658508b3d34cebb6dc496470c38eade02a9f200369a870538fe63e9d68c069922aabb93
ep_bytes: ff250020400000000000000000000000
timestamp: 2017-09-09 03:22:23

Version Info:

Translation: 0x0000 0x04b0
FileDescription: paypal
FileVersion: 1.0.0.0
InternalName: paypal.exe
LegalCopyright: Copyright © 2017
OriginalFilename: paypal.exe
ProductName: paypal
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Ursu.583139 also known as:

Lionic: Trojan.Win32.Ursu.4!c
Elastic: malicious (moderate confidence)
FireEye: Gen:Variant.Ursu.583139
McAfee: Artemis!EE727E2C1319
Cylance: unsafe
VIPRE: Gen:Variant.Ursu.583139
APEX: Malicious
BitDefender: Gen:Variant.Ursu.583139
MicroWorld-eScan: Gen:Variant.Ursu.583139
Emsisoft: Gen:Variant.Ursu.583139 (B)
McAfee-GW-Edition: Artemis
Trapmine: malicious.high.ml.score
GData: Gen:Variant.Ursu.583139
Arcabit: Trojan.Ursu.D8E5E3
BitDefenderTheta: Gen:NN.ZemsilCO.36348.iq0@a8!!4an
ALYac: Gen:Variant.Ursu.583139
MAX: malware (ai score=84)
TrendMicro-HouseCall: TROJ_GEN.R002H09EL23
MaxSecure: Trojan.Malware.300983.susgen
Cybereason: malicious.c13197
DeepInstinct: MALICIOUS

How to remove Ursu.583139?

Ursu.583139 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
