Ursu.915673 removal

Ursu.915673 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ursu.915673 virus do?

  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Unconventional language used in binary resources: Spanish (Argentina)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Ursu.915673?


File Info:

name: 783F8FFFA3B4D32407C0.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2020-06-17 09:25:17

Version Info:

CompanyName: RadiXX11
FileDescription: NCH Software Keygen
FileVersion: 1.7.0.0
InternalName: Keygen.exe
LegalCopyright: © 2020, RadiXX11
LegalTrademarks:
OriginalFilename: Keygen.exe
ProductName: NCH Software Keygen
ProductVersion: 1.7.0.0
Comments:
Translation: 0x0409 0x04e4

Ursu.915673 also known as:

Lionic: Riskware.Win32.Ursu.1!c
MicroWorld-eScan: Gen:Variant.Ursu.915673
FireEye: Generic.mg.783f8fffa3b4d324
McAfee: Artemis!783F8FFFA3B4
Cylance: Unsafe
Zillya: Trojan.Keygen.Win32.4068
K7AntiVirus: Unwanted-Program ( 00545e5b1 )
K7GW: Unwanted-Program ( 00545e5b1 )
Cybereason: malicious.fa3b4d
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Keygen.AHH potentially unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H09KM21
Avast: FileRepMalware
BitDefender: Gen:Variant.Ursu.915673
Ad-Aware: Gen:Variant.Ursu.915673
Emsisoft: Gen:Variant.Ursu.915673 (B)
Paloalto: generic.ml
Antiy-AVL: Trojan/Win32.Wacatac
GData: Gen:Variant.Ursu.915673
MAX: malware (ai score=88)
Malwarebytes: RiskWare.Tool.CK
APEX: Malicious
eGambit: Unsafe.AI_Score_71%
Fortinet: Riskware/KeyGen
MaxSecure: Trojan.Malware.74510459.susgen
AVG: FileRepMalware

How to remove Ursu.915673?

Ursu.915673 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
