Ursu.775439 (B) malicious file

The Ursu.775439 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ursu.775439 (B) virus can do?

Presents an Authenticode digital signature
Anomalous binary characteristics

How to determine Ursu.775439 (B)?


File Info:
crc32: FEA0A819
md5: 5aee3e259e47d3bcdbefe8b53d8eaf0d
name: 5AEE3E259E47D3BCDBEFE8B53D8EAF0D.mlw
sha1: 39690b33645ca82ee1ddd71dd3aa77de290030c4
sha256: 5c7a2fa04f42972449f74e5789054fca1f424b24f56d9f0428aa992d8bf1e5af
sha512: ad38611b6c5299142ad5adb86e25d52658ea5849e4b99127417e296b7c380e464bc03bbaa6fa10a61409923a51f6c115c4c6cc672a5b12fcac36e60c18e13130
ssdeep: 24576:rRXD2aewsAjNAkZqhae16CGbfxEXYGaKqM:rHljqkZqhaK6zbfqdl
type: PE32+ executable (GUI) x86-64, for MS Windows

Version Info:
LegalCopyright: xa91999-2018 Jonathan Bennett & AutoIt Team
InternalName: Au3Info.exe
FileVersion: 3, 3, 14, 5
CompanyName: AutoIt Team
Comments: http://www.autoitscript.com/autoit3/
ProductName: Au3Info
ProductVersion: 3, 3, 14, 5
FileDescription: Au3Info
OriginalFilename: Au3Info.exe
Translation: 0x0809 0x04b0

Ursu.775439 (B) also known as:

Lionic	Trojan.Win32.Ursu.4!c
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Ursu.775439
Sangfor	Trojan.Win32.Wacatac.B
CrowdStrike	win/malicious_confidence_70% (W)
Alibaba	Virus:Win32/Ransomware.06c689f6
Cybereason	malicious.59e47d
Cyren	W64/Ipamor.BF.gen!Eldorado
Symantec	Trojan.Gen.MBT
APEX	Malicious
Avast	Win64:Malware-gen
ClamAV	Win.Ransomware.WannaCry-9856297-0
BitDefender	Gen:Variant.Ursu.775439
MicroWorld-eScan	Gen:Variant.Ursu.775439
Ad-Aware	Gen:Variant.Ursu.775439
Sophos	Mal/Generic-R
McAfee-GW-Edition	BehavesLike.Win64.HLLP.th
FireEye	Generic.mg.5aee3e259e47d3bc
Emsisoft	Gen:Variant.Ursu.775439 (B)
SentinelOne	Static AI – Suspicious PE
Microsoft	Trojan:Win32/Wacatac.B!ml
Arcabit	Trojan.Ursu.DBD50F
GData	Gen:Variant.Ursu.775439
McAfee	Artemis!5AEE3E259E47
MAX	malware (ai score=86)
VBA32	Trojan.Downloader
TrendMicro-HouseCall	TROJ_GEN.R002H0CF521
Ikarus	Virus.Win32.VB
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W64/Ipamor.959B!tr
AVG	Win64:Malware-gen
Paloalto	generic.ml
Qihoo-360	Win64/Trojan.Generic.HgEASV8A

How to remove Ursu.775439 (B)?

Ursu.775439 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X