About “Ursu.811455” infection

Ursu.811455 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.811455 virus do?

  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Creates a copy of itself

How to identify Ursu.811455?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2011-10-16 23:13:16

Version Info:

0: [No Data]

Ursu.811455 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Buzus.lnay
MicroWorld-eScan: Gen:Variant.Ursu.811455
FireEye: Generic.mg.291ab24bc322612c
Skyhigh: BehavesLike.Win32.Fake.tc
McAfee: Artemis!291AB24BC322
Malwarebytes: Generic.Malware/Suspicious
Zillya: Trojan.Buzus.Win32.83248
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (W)
Alibaba: Trojan:Win32/Buzus.01bb03b6
K7GW: Trojan ( 0055e3991 )
K7AntiVirus: Trojan ( 0055e3991 )
BitDefenderTheta: Gen:NN.ZelphiF.36802.gLW@aiHWfOci
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Injector.KHB
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: Trojan.Win32.Buzus.iwgt
BitDefender: Gen:Variant.Ursu.811455
NANO-Antivirus: Trojan.Win32.Buzus.cxnwgm
Avast: Win32:Injector-AGZ [Trj]
Tencent: Win32.Trojan.Buzus.Sgil
Emsisoft: Gen:Variant.Ursu.811455 (B)
F-Secure: Dropper.DR/Delphi.Gen7
DrWeb: Trojan.DownLoader5.24638
VIPRE: Gen:Variant.Ursu.811455
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
Google: Detected
Avira: DR/Delphi.Gen7
Antiy-AVL: Trojan/Win32.Buzus
Kingsoft: Win32.Trojan.Buzus.iwgt
Microsoft: Trojan:Win32/Fareit!ml
Xcitium: Malware@#1emy4ezbqcb8q
Arcabit: Trojan.Ursu.DC61BF
ZoneAlarm: Trojan.Win32.Buzus.iwgt
GData: Gen:Variant.Ursu.811455
AhnLab-V3: Trojan/Win32.Buzus.C15
VBA32: Trojan.Buzus
ALYac: Gen:Variant.Ursu.811455
MAX: malware (ai score=100)
Cylance: unsafe
Panda: Generic Malware
Rising: Ransom.Blocker!8.12A (TFE:4:r7KeiIMltCD)
Yandex: Trojan.GenAsa!HczMDdK94cI
Ikarus: Trojan.Win32.Jorik
MaxSecure: Trojan.Malware.3383570.susgen
Fortinet: W32/Injector.MOU!tr
AVG: Win32:Injector-AGZ [Trj]
Cybereason: malicious.bc3226
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Injector.Swisyn

How to remove Ursu.811455?

Ursu.811455 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.