Ursu.722624 removal

Ursu.722624 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.722624 virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Ursu.722624?


File Info:

name: 3E44B2C42A0B26C6BA89.mlw
path: /opt/CAPEv2/storage/binaries/21a9509d995282dc614e839eacf10da7a9e7d2d5c84ed6c5ed0b8135f3fd1e48
crc32: 538F6DDD
md5: 3e44b2c42a0b26c6ba89019717b1344a
sha1: 80b7baf382dd74ca9f223c6919b7f5827185dba4
sha256: 21a9509d995282dc614e839eacf10da7a9e7d2d5c84ed6c5ed0b8135f3fd1e48
sha512: d18c39443c9f3cfb5ea85281bac021e3ed0057d2d9c0e3a3677fb7bcfc78ff23e646ea457d690a34e8ad5e6a475816e9f986d356abd355a446c0e4c04c872ac4
ssdeep: 98304:TT0ycir6Hw7OTYjXttnlAA28W53ENhzOuZbL+FCswh7:TTH97OTUXTlAA2tdyZO8+Hw7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12916223266614033E7F20173B92896303E38A3282761897BD7D4FD1D7EA84D65BF7266
sha3_384: c5905066ffaefb00557f5d9043d9526d483810be9151f32dc078ed45cebd58129d1214555f7333ce875e538b8654cb44
ep_bytes: e83a050000e97afeffffcccccccccc8b
timestamp: 2019-09-17 05:33:38

Version Info:

CompanyName: Alex Gor
FileDescription: Top-Wallets 1.2 (x64)
FileVersion: 1.2
InternalName: setup
LegalCopyright: Copyright (c) Alex Gor. All rights reserved.
OriginalFilename: Top-Wallets 1.2 (x64).exe
ProductName: Top-Wallets 1.2 (x64)
ProductVersion: 1.2
Translation: 0x0409 0x04e4

Ursu.722624 also known as:

FireEye: Gen:Variant.Ursu.722624
McAfee: Artemis!3E44B2C42A0B
Cylance: unsafe
Sangfor: Trojan.Win32.Ursu.Vcjd
ESET-NOD32: a variant of Win64/CoinMiner.TB potentially unwanted
BitDefender: Gen:Variant.Ursu.722624
MicroWorld-eScan: Gen:Variant.Ursu.722624
Rising: PUA.CoinMiner!8.4639 (CLOUD)
Emsisoft: Gen:Variant.Ursu.722624 (B)
VIPRE: Gen:Variant.Ursu.722624
McAfee-GW-Edition: Artemis
GData: Gen:Variant.Ursu.722624
Arcabit: Trojan.Ursu.DB06C0
ALYac: Gen:Variant.Ursu.722624
MAX: malware (ai score=88)
MaxSecure: Trojan.Malware.209391681.susgen
Fortinet: Adware/Miner
DeepInstinct: MALICIOUS

How to remove Ursu.722624?

Ursu.722624 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.