Categories: Adware

What is “Adware.Bulz.2318”?

The Adware.Bulz.2318 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Adware.Bulz.2318 virus can do?

Behavioural detection: Executable code extraction – unpacking
Scheduled file move on reboot detected
Yara rule detections observed from a process memory dump/dropped files/CAPE
Creates RWX memory
Dynamic (imported) function loading detected
Enumerates running processes
Reads data out of its own binary image
CAPE extracted potentially suspicious content
Drops a binary and executes it
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
Anomalous binary characteristics

How to determine Adware.Bulz.2318?


File Info:
name: 5866FBA9EDF312151441.mlwpath: /opt/CAPEv2/storage/binaries/9fce288d2282133572d9655cab23fe88afb45d1f5e2802b21f08c92a25f6cbb2crc32: F8D265CFmd5: 5866fba9edf3121514418208d8ce9aaesha1: 1643604cf743cd551de701655ef5838c319ba202sha256: 9fce288d2282133572d9655cab23fe88afb45d1f5e2802b21f08c92a25f6cbb2sha512: 3ccc2d8d047e437c34f34a1f8e71c5015dc6b871c31887b8ba6fb5a3b3bdfc46b38684e0144d5135f1a7c5bd698ae39a12a8c20beb19f93e9f54ec943b0d9b56ssdeep: 49152:+v5PaaUHZlzKgKteGhKJ+Lhk3HeZZ+Qkh6gR1kWi6f4Zo+cX4:akPnzfiA2+Qc6g1/i6fW2X4type: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T131C53351D29284B2F26336F0632A85FC4FBBBD415878706CB24DBD5A8FA6B71458C723sha3_384: 1eea017f5da3ce21e693a52d4ffb6593e4a4aeedebc69c6e570ce53ea9f6fb9b80bf9f9661a40bdaf6653af00cd3386bep_bytes: 558bec83c4c453565733c08945f08945timestamp: 2020-12-02 14:17:55
Version Info:
Comments: This installation was built with Inno Setup.CompanyName:                                                             FileDescription: Vne Recorder Setup                                          FileVersion: 1.0.0.9             LegalCopyright:                                                                                                     ProductName: Vne Recorder                                                ProductVersion: 1.0.0.9             Translation: 0x0000 0x04b0

Adware.Bulz.2318 also known as:

Lionic	Trojan.Win32.Convagent.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Adware.Bulz.2318
FireEye	Gen:Variant.Adware.Bulz.2318
McAfee	Artemis!5866FBA9EDF3
Cylance	Unsafe
K7AntiVirus	Riskware ( 0040eff71 )
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.9edf31
Arcabit	Trojan.Adware.Bulz.D90E
Cyren	W32/Convagent.A.gen!Eldorado
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of Win32/TrojanDropper.Agent.SLY
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Malware.Convagent-9827235-0
Kaspersky	HEUR:Trojan.Win32.Convagent.gen
BitDefender	Gen:Variant.Adware.Bulz.2318
Avast	Win32:AdwareX-gen [Adw]
Tencent	Win32.Trojan.Convagent.Swbe
Ad-Aware	Gen:Variant.Adware.Bulz.2318
Sophos	Mal/Generic-S
DrWeb	Trojan.Siggen9.22670
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.AdwareFileTour.vc
Emsisoft	Gen:Variant.Adware.Bulz.2318 (B)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan.Convagent.i
Avira	HEUR/AGEN.1140093
Microsoft	Trojan:Win32/Wacatac.A!ml
GData	Gen:Variant.Adware.Bulz.2318
AhnLab-V3	Malware/Win32.Generic.C4251095
ALYac	Gen:Variant.Adware.Bulz.2318
MAX	malware (ai score=64)
Malwarebytes	Trojan.Dropper
TrendMicro-HouseCall	TROJ_GEN.R002H0CL421
Fortinet	Riskware/Application
AVG	Win32:AdwareX-gen [Adw]