Should I remove “Ursu.775007”?

Ursu.775007 is flagged as malicious by nearly every antivirus engine listed below; the detection names (GuLoader, VBInject, Injector, Generic Downloader) describe a Visual Basic packed downloader rather than a stand-alone payload. While the infection is active you may notice unfamiliar processes in the Task Manager list. In that case, scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Ursu.775007 virus do?

Behaviours flagged by the CAPE sandbox run of this sample:
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify Ursu.775007?

File Info:

name: FBCACFEFD425FF258777.mlw
path: /opt/CAPEv2/storage/binaries/9ecc8cb04d905f1efb4a9b379842f4d72a3935c01459c6b8eec6f9c0d98378a6
crc32: 1EE0CF9D
md5: fbcacfefd425ff2587776f9a5dcd92b1
sha1: 19d937c533c3d1229380b6ca03512e3d98d179b7
sha256: 9ecc8cb04d905f1efb4a9b379842f4d72a3935c01459c6b8eec6f9c0d98378a6
sha512: 7581d8fe9049d8519e80c6e5f8b957274e4a7c8673d56815e69eeb19d15d813608836d002fd982d6273688f00abcb24b123a822b310be6221241308d3692e10e
ssdeep: 1536:fXIMkZy4mAWoOzGNc2SKdzPlzSjCzFl13Qj/jju32O55pYRI/s1I3h8T:/IkhorHSyVSkl13QDjjmzp9uT
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T197F39E229AE0FC15CBA5833548678A640A2FAC951CA458D719CD3F5F7913FC3A53C3AB
sha3_384: 005ca07bd6c330b2105b8949bca70ac0c52f58354c083582b76424fb831ccc5cdbe9b4b2e945340b2b3901e78663a65a
ep_bytes: 6838844000e8eeffffff000000000000
timestamp: 2014-09-19 13:45:15

Version Info:

Translation: 0x0409 0x04b0
Comments: Exinos
CompanyName: Exinos Socket
FileDescription: Exinos Socket
LegalCopyright: Exinos
LegalTrademarks: Exinos
ProductName: Socket
FileVersion: 1.00
ProductVersion: 1.00
InternalName: preacherizes
OriginalFilename: preacherizes.exe
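The File Info and Version Info fields above come from a CAPE sandbox run. As an added example (not code from the page, from CAPE or from GridinSoft), the Python below reproduces the fields a responder would check on a suspect file: the digests to compare against the IOCs, and the PE header facts behind `type`, `timestamp` and `ep_bytes`. It also reports whether a security directory (Authenticode blob) is present, which is what the "Presents an Authenticode digital signature" behaviour above refers to; validating that signature needs a full PKCS#7 check and is not done here. `build_sample()` constructs a stand-in PE carrying the page's entry bytes and timestamp so the script runs offline; it is not the real sample, and the `vb6_style_entry` heuristic is an assumption of this example (the push/call stub at the entry point is what VB6 emits, consistent with the VBInject and VB.Crypt names below).

```python
"""Added example (not from the page, CAPE or GridinSoft): hash a suspect file
and extract the PE facts the File Info block lists (type, timestamp, ep_bytes)."""
import hashlib
import struct
import zlib
from datetime import datetime, timezone

# Indicators copied from the File Info block on the page.
PAGE_IOCS = {
    "md5": "fbcacfefd425ff2587776f9a5dcd92b1",
    "sha1": "19d937c533c3d1229380b6ca03512e3d98d179b7",
    "sha256": "9ecc8cb04d905f1efb4a9b379842f4d72a3935c01459c6b8eec6f9c0d98378a6",
}
MACHINES = {0x14C: "Intel 80386", 0x8664: "x86-64"}
SUBSYSTEMS = {2: "GUI", 3: "console"}


def file_hashes(data: bytes) -> dict:
    """Same digests the page lists; crc32 in upper-case hex as CAPE prints it."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def ioc_match(hashes: dict, iocs: dict = PAGE_IOCS) -> list:
    """Names of the digests that equal the published indicators."""
    return [k for k in ("md5", "sha1", "sha256") if hashes.get(k) == iocs.get(k)]


def pe_summary(data: bytes) -> dict:
    """Parse just enough of the PE header to reproduce 'type', 'timestamp' and
    'ep_bytes'.  Raises ValueError for anything that is not a PE file."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsec, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20                                  # optional header start
    magic = struct.unpack_from("<H", data, opt)[0]   # 0x10B PE32, 0x20B PE32+
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    subsystem = struct.unpack_from("<H", data, opt + 68)[0]
    # Data directory 4 = IMAGE_DIRECTORY_ENTRY_SECURITY (the Authenticode blob).
    dd = opt + (96 if magic == 0x10B else 112) + 4 * 8
    _, security_size = struct.unpack_from("<II", data, dd)
    # Walk the section table to map the entry-point RVA to a file offset.
    ep_off = None
    for i in range(nsec):
        off = opt + opt_size + 40 * i
        _, vsize, va, rawsize, rawptr = struct.unpack_from("<8sIIII", data, off)
        if va <= entry_rva < va + max(vsize, rawsize):
            ep_off = rawptr + (entry_rva - va)
            break
    if ep_off is None:
        raise ValueError("entry point outside every section")
    ep = data[ep_off:ep_off + 16]
    fmt = {0x10B: "PE32", 0x20B: "PE32+"}.get(magic, f"magic 0x{magic:x}")
    return {
        "type": f"{fmt} executable ({SUBSYSTEMS.get(subsystem, subsystem)}) "
                f"{MACHINES.get(machine, hex(machine))}, for MS Windows",
        "timestamp": datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": ep.hex(),
        "has_authenticode": security_size > 0,   # presence only, not validity
        # Heuristic (assumption of this example): push imm32 ; call rel32 at the
        # entry point is the stub VB6 emits (push VB header, call ThunRTMain).
        "vb6_style_entry": len(ep) >= 6 and ep[0] == 0x68 and ep[5] == 0xE8,
    }


def build_sample() -> bytes:
    """Constructed stand-in PE (NOT the real sample): one .text section, the
    page's ep_bytes at the entry point, the page's timestamp, no signature."""
    ts = int(datetime(2014, 9, 19, 13, 45, 15, tzinfo=timezone.utc).timestamp())
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, ts, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                          # PE32
    struct.pack_into("<I", opt, 16, 0x1010)                        # AddressOfEntryPoint
    struct.pack_into("<I", opt, 28, 0x400000)                      # ImageBase
    struct.pack_into("<H", opt, 68, 2)                             # Subsystem = GUI
    sec = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x1000, 0x200, 0x200,
                      0, 0, 0, 0, 0x60000020)
    headers = dos + b"PE\0\0" + coff + bytes(opt) + sec
    text = bytearray(0x200)
    text[0x10:0x20] = bytes.fromhex("6838844000e8eeffffff000000000000")
    return headers.ljust(0x200, b"\0") + bytes(text)


if __name__ == "__main__":
    sample = build_sample()
    print(pe_summary(sample))
    print("IOC match:", ioc_match(file_hashes(sample)))
```

Run it against a real file with `pe_summary(open(path, "rb").read())` and `ioc_match(file_hashes(...))`; a non-empty match on the md5/sha1/sha256 triple is a positive identification of this exact sample, while a sha256 mismatch on a file carrying the same "Exinos Socket" version strings only means a different build of the same packer.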

Ursu.775007 is also known as (vendor: detection name):

MicroWorld-eScan: Gen:Variant.Ursu.775007
FireEye: Gen:Variant.Ursu.775007
CAT-QuickHeal: Trojandownloader.Guloader
ALYac: Gen:Variant.Ursu.775007
Cylance: Unsafe
Zillya: Downloader.GuLoader.Win32.123
Sangfor: Trojan.Win32.GuLoader.adx
K7AntiVirus: Trojan ( 0058dede1 )
BitDefender: Gen:Variant.Ursu.775007
K7GW: Trojan ( 0058dede1 )
Cybereason: malicious.fd425f
Arcabit: Trojan.Ursu.DBD35F
VirIT: Trojan.Win32.VBZenPack_Heur
Cyren: W32/VBInject.AHW.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.ERAZ
APEX: Malicious
Paloalto: generic.ml
ViRobot: Trojan.Win32.Z.Ursu.161048
Tencent: Win32.Trojan.Falsesign.Egyc
Ad-Aware: Gen:Variant.Ursu.775007
Sophos: Mal/Generic-R + Troj/Zbot-POJ
Comodo: Malware@#3luicrvviso7x
TrendMicro: TROJ_GEN.R002C0DB422
McAfee-GW-Edition: RDN/Generic Downloader.x
Emsisoft: Gen:Variant.Ursu.775007 (B)
Ikarus: Trojan.VB.Crypt
Jiangmin: TrojanDownloader.GuLoader.iw
Webroot: W32.Trojan.Gen
Avira: TR/AD.Nekark.kgbge
MAX: malware (ai score=81)
Antiy-AVL: Trojan/Generic.ASMalwS.3523309
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/VBInject.SM!MTB
GData: Gen:Variant.Ursu.775007
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win.FDGV.R470933
McAfee: RDN/Generic Downloader.x
VBA32: BScope.Trojan.Sabsik.FL
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R002C0DB422
Rising: Downloader.Injector!8.89D (CLOUD)
Yandex: Trojan.Igent.bXqfkd.1
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/ERAZ!tr
AVG: Win32:Trojan-gen
Avast: Win32:Trojan-gen
CrowdStrike: win/malicious_confidence_100% (W)
MaxSecure: Trojan.Malware.140086395.susgen

How to remove Ursu.775007?

Ursu.775007 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and the options to reset, then click “Reset”.
  • Restart your computer.

Several vendors in the list above classify this sample as a downloader (GuLoader) rather than a stand-alone payload, so quarantining this one file is not enough on its own: let the full scan finish so that anything it may have fetched is removed as well.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
