Ursu.777737 (file analysis)

Ursu.777737 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.777737 virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Ursu.777737?

File Info:

name: 32E4CA450A1A6B4EAA8F.mlw
path: /opt/CAPEv2/storage/binaries/0c36888bf563c60a621179d29b0a648469219c7d3d31b666a9e28e43ecb58231
crc32: 41AF54A8
md5: 32e4ca450a1a6b4eaa8f1a1c8f4d2540
sha1: d633dba1b4c6ad5935e9d3aeadf85ccfeee76b6a
sha256: 0c36888bf563c60a621179d29b0a648469219c7d3d31b666a9e28e43ecb58231
sha512: 37bde791162d66aa4f31f20ce639ce124d8e76ba0ca79dfbbce74f7e69845c101a9c7c9dd3a00e0909d7205d495ff8716407a1c77252b45092b2550ca5cb2ad8
ssdeep: 98304:wEzj7wJft9D99eexApnfzjDI9Nnsz6sQFPUldBRxUPIj6ZtK:7Lmft9ZMegnzI9dTUldBRqPIj6Zt
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16BF5238AEB5F6E24C829577A21204F3147A5DD0694A2DF7AFF80F1930839535AF90ED3
sha3_384: d000e459d281d25a973751f9de66fd5b87b525328230284276b8e50be8be90e57d383ef91e28db17b37df4db31d4bb38
ep_bytes: ff250020400000000000000000000000
timestamp: 2020-02-27 13:39:05

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: WatchFreeMovies
FileVersion: 1.0.0.0
InternalName: Download Movies HD (FREE).exe
LegalCopyright: Copyright © 2020
LegalTrademarks:
OriginalFilename: Download Movies HD (FREE).exe
ProductName: WatchFreeMovies
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Ursu.777737 also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Gen:Variant.Ursu.777737
FireEye: Gen:Variant.Ursu.777737
McAfee: Artemis!32E4CA450A1A
Cylance: Unsafe
K7AntiVirus: Password-Stealer ( 0056b8411 )
Alibaba: Trojan:MSIL/Generic.dcad580d
K7GW: Password-Stealer ( 0056b8411 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: MSIL/PSW.Agent.RRI
APEX: Malicious
Paloalto: generic.ml
BitDefender: Gen:Variant.Ursu.777737
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Ursu.777737
Emsisoft: Gen:Variant.Ursu.777737 (B)
McAfee-GW-Edition: Artemis
Sophos: Mal/Generic-S
Ikarus: Trojan-Spy.Agent
GData: Gen:Variant.Ursu.777737
Avira: TR/Spy.Gen
Arcabit: Trojan.Ursu.DBDE09
Microsoft: Backdoor:Win32/Bladabindi!ml
Cynet: Malicious (score: 99)
ALYac: Gen:Variant.Ursu.777737
MAX: malware (ai score=88)
TrendMicro-HouseCall: TROJ_GEN.R002H0CL321
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.77030077.susgen
Fortinet: MSIL/Agent.RRI!tr.pws
AVG: Win32:Malware-gen
Cybereason: malicious.50a1a6

How to remove Ursu.777737?

Ursu.777737 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
