
What is “Ursu.810485”?


Ursu.810485 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.810485 virus do?

  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Creates a copy of itself

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Ursu.810485?


File Info:

name: setup.exe
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (c) 2019 Flexera. All Rights Reserved.
ISInternalVersion: 25.0.764
InternalName: Setup
FileVersion: 1.0.0
CompanyName: Ideal Computer Systems Inc.
Internal Build Number: 195286
ProductName: Ideal Cloud Plugin
ProductVersion: 1.0.0
FileDescription: Setup Launcher Unicode
ISInternalDescription: Setup Launcher Unicode
OriginalFilename: setup.exe
Translation: 0x0409 0x04b0

Ursu.810485 is also known as:

MicroWorld-eScan: Gen:Variant.Ursu.810485
Qihoo-360: Generic/HEUR/QVM10.2.CDB5.Malware.Gen
McAfee: Artemis!51BDD9687C01
AegisLab: Trojan.Win32.Ursu.4!c
BitDefender: Gen:Variant.Ursu.810485
APEX: Malicious
GData: Gen:Variant.Ursu.810485
Rising: Trojan.Occamy!8.F1CD (RDMK:cmRtazoDvTK7ahq+nFsdvsTXbsYt)
Ad-Aware: Gen:Variant.Ursu.810485
Comodo: Malware@#3p9cvmsvsqs39
Zillya: Trojan.GenKryptik.Win32.40518
McAfee-GW-Edition: BehavesLike.Win32.BadFile.wc
Trapmine: suspicious.low.ml.score
Emsisoft: Gen:Variant.Ursu.810485 (B)
Jiangmin: Trojan.PSW.Predator.arf
Antiy-AVL: Trojan/Win32.Wacatac
Arcabit: Trojan.Ursu.DC5DF5
Microsoft: Trojan:Win32/Wacatac.C!ml
ALYac: Gen:Variant.Ursu.810485
MAX: malware (ai score=87)
TrendMicro-HouseCall: TROJ_GEN.R002H09DP20
Yandex: Trojan.PWS.Predator!
Paloalto: generic.ml

How to remove Ursu.810485?

Ursu.810485 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
