Ursu.736129 information

Malware Removal

Ursu.736129 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Ursu.736129 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Unconventional binary language: Russian
  • Unconventional language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Ursu.736129?

File Info:

crc32: BCE6A3B5
md5: c228c465c144c669d6a5fd72b0848b8d
name: winrar.5.61.exe
sha1: 2410a0ca4306a6b319fae1e08369ffb8b6614b78
sha256: c79e3e29a534eae688dd1b5f6c923d8b5b062e10e92db18e8d27027bffc4db64
sha512: fc948c69cabcdb240d509fb106e2ceae7af27e13c7641bc41e2cd86c920fa2750561b41ab3d223692288d462a14e0aebf5b456a09368faf8b44603700729bde5
ssdeep: 98304:b6BsPb3Oo+8H1JyM4QxmZYYqk4AAYeUNVTgMx9:vPb3Oo+8Z1k9YYTVT57
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

FileDescription: WinRAR 5.61 Final
FileVersion: 5.61.0.0
CompanyName: diakov.net
Translation: 0x0419 0x04e3

Ursu.736129 also known as:

MicroWorld-eScan: Gen:Variant.Ursu.736129
BitDefender: Gen:Variant.Ursu.736129
GData: Gen:Variant.Ursu.736129
Kaspersky: not-a-virus:HEUR:AdWare.Win32.Agent.gen
Ad-Aware: Gen:Variant.Ursu.736129
DrWeb: Adware.StartPage.51
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.rc
Emsisoft: Gen:Variant.Ursu.736129 (B)
Jiangmin: Trojan.MSIL.ojsb
Arcabit: Trojan.Ursu.DB3B81
ZoneAlarm: not-a-virus:HEUR:AdWare.Win32.Agent.gen
Microsoft: PUA:Win32/CoinMiner
VBA32: Adware.StartPage
Rising: PUF.RAR-Exploit!1.B604 (CLASSIC)
eGambit: Unsafe.AI_Score_71%
MaxSecure: Trojan.Malware.181143.susgen

How to remove Ursu.736129?

Ursu.736129 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

1 Comment

  • Hi, it's a pleasant article on the topic of media print; we are all aware
    that media is a great source of facts.
