Categories: Malware

Application.Bulz.134753 (B) removal instruction

The Application.Bulz.134753 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Application.Bulz.134753 (B) virus can do?

Behavioural detection: Executable code extraction – unpacking
Unconventionial binary language: Chinese (Simplified)
The binary contains an unknown PE section name indicative of packing
Executable file is packed/obfuscated with ASPack
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Application.Bulz.134753 (B)?


File Info:
name: 2481C4ABBEEDA4D9EC0B.mlwpath: /opt/CAPEv2/storage/binaries/efef72283bcdefd0af5dbf7fdd67eaa4ce486299bc87e0e85260723c4ed51beccrc32: D51FD5D3md5: 2481c4abbeeda4d9ec0b1054c44cdc62sha1: 30ffe17f3f71c78a56e078a557e39ac775099093sha256: efef72283bcdefd0af5dbf7fdd67eaa4ce486299bc87e0e85260723c4ed51becsha512: 0aac864997093441e0b60986be46696e275ca4cac8119cd13fa8d7af9a53e2f96a835f43d3f27e5375fb8ceba59a10bd4d343807c362f559289d672e32f027a5ssdeep: 49152:Tak/ivyZu+k0WdEY9HqbPteBhKcG2G04daG6kMxqDnLEtIo+E:h/m8nEHqbPsGctadaGRItLtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T17385331B2A0C7127DE06B674E0955E2DA17C77B2DDC7F67B132889A0BD0610B8F476B2sha3_384: 51ce81588e1b9ef682f2426204576aaa00489b386b96333d5b5cb5660970c5c31ad7d80b9f13f420fd5bd0c713c980fdep_bytes: 60e803000000e9eb045d4555c3e80100timestamp: 2022-03-23 11:36:58
Version Info:
CompanyName: 178网游工作室FileDescription: 商业程序InternalName: LoginTools.exeLegalCopyright: 版权所有 (C) 2010OriginalFilename: LoginTools.exeProductName: 商业程序ProductVersion: 1, 0, 0, 0FileVersion: 1,0,0,0Translation: 0x0804 0x03a8

Application.Bulz.134753 (B) also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader44.47791
MicroWorld-eScan	Gen:Variant.Application.Bulz.134753
FireEye	Generic.mg.2481c4abbeeda4d9
CAT-QuickHeal	PUA.IgenericIH.S27064394
Skyhigh	BehavesLike.Win32.Dropper.tc
McAfee	GenericRXGA-BH!8E110C7754D7
Malwarebytes	Generic.Malware.AI.DDS
VIPRE	Gen:Variant.Application.Bulz.134753
Sangfor	Suspicious.Win32.Save.ins
K7AntiVirus	Riskware ( 005439d61 )
K7GW	Riskware ( 005439d61 )
BitDefenderTheta	Gen:NN.ZelphiF.36608.XT0baqSj4lni
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/RiskWare.GameTool.S
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	UDS:Trojan.Win32.Badur
BitDefender	Gen:Variant.Application.Bulz.134753
Avast	Win32:Evo-gen [Trj]
Emsisoft	Gen:Variant.Application.Bulz.134753 (B)
Zillya	Tool.GameTool.Win32.870
TrendMicro	TROJ_GEN.R011C0DA124
Trapmine	malicious.high.ml.score
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan.Bulz.h
Varist	W32/Bulz.V.gen!Eldorado
MAX	malware (ai score=74)
Antiy-AVL	Trojan[PSW]/Win32.Lmir
Arcabit	Trojan.Application.Bulz.D20E61
ZoneAlarm	UDS:Trojan.Win32.Badur
GData	Win32.Trojan.PSE.10SL7FA
Google	Detected
AhnLab-V3	Malware/Win32.RL_Generic.R329115
VBA32	TScope.Trojan.Delf
ALYac	Gen:Variant.Application.Bulz.134753
Cylance	unsafe
Tencent	RiskWare.Win32.GameTool.ha
Yandex	Trojan.GenAsa!8M74xrHXt8Q
Ikarus	Trojan-Spy.Lmir
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Barys.358463!tr
AVG	Win32:Evo-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (W)