Ursu.758640 malicious file

Ursu.758640 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Ursu.758640 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Ursu.758640?


File Info:

crc32: 73336926
md5: 9f41b5c44310d8362bb1258d4be09588
name: ds1.exe
sha1: 98faaabd9798fff5aebfd4c40b4141f4623e01ed
sha256: 7fad6ff48b82292de6b54ab0656a95421a6048b6a5db69713f22ca7e86bf9cf7
sha512: 6296b610fec1492616d5fab1ba3a689f03ba1c3a42dcc7b5044066fd7231bd878c5841d7bfb6ce15647bdf14313c4a7bb5c20154799b0b09d480cd765746d452
ssdeep: 768:J+at9W2URqxJ56SouYe4XqkWrco7SUWvcp0X:JlW2WCoFe4XqkW3Wv
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
InternalName: PERMUT
FileVersion: 1.00
CompanyName: NONPARTIA
Comments: EXECUTION
ProductName: Anisople
ProductVersion: 1.00
FileDescription: Eightythre
OriginalFilename: PERMUT.exe

Ursu.758640 also known as:

DrWeb: Trojan.DownLoader33.2342
MicroWorld-eScan: Gen:Variant.Ursu.758640
FireEye: Gen:Variant.Ursu.758640
McAfee: Fareit-FRM!9F41B5C44310
Cylance: Unsafe
Sangfor: Malware
BitDefender: Gen:Variant.Ursu.758640
K7GW: Trojan ( 005609851 )
Arcabit: Trojan.Ursu.DB9370
BitDefenderTheta: Gen:NN.ZevbaF.34090.dm0@aqoylqni
APEX: Malicious
Kaspersky: Trojan.Win32.Vebzenpak.dat
Alibaba: Trojan:Win32/vbcrypt.ali2000008
NANO-Antivirus: Trojan.Win32.Dwn.havzze
AegisLab: Trojan.Win32.Vebzenpak.4!c
Tencent: Win32.Trojan.Vebzenpak.Hvsr
Emsisoft: Gen:Variant.Ursu.758640 (B)
F-Secure: Trojan.TR/Injector.ncmpm
McAfee-GW-Edition: BehavesLike.Win32.Trojan.qt
Fortinet: W32/Injector.EKOA!tr
Trapmine: suspicious.low.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Injector
Cyren: W32/Trojan.XEKU-8964
Avira: TR/Injector.ncmpm
MAX: malware (ai score=82)
Antiy-AVL: Trojan/Win32.Wacatac
Microsoft: Trojan:Win32/Wacatac.C!ml
ZoneAlarm: Trojan.Win32.Vebzenpak.dat
ALYac: Gen:Variant.Ursu.758640
Ad-Aware: Gen:Variant.Ursu.758640
Panda: Trj/GdSda.A
ESET-NOD32: a variant of Win32/Injector.EKOM
Rising: Trojan.Injector!8.C4 (CLOUD)
GData: Gen:Variant.Ursu.758640
AVG: FileRepMalware
CrowdStrike: win/malicious_confidence_60% (W)
Qihoo-360: Win32/Trojan.2a9

How to remove Ursu.758640?

Ursu.758640 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
