Bulz.109136 removal tips

Bulz.109136 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.109136 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics

How to identify Bulz.109136?


File Info:

name: 6A2173A121BDD444FFDE.mlw
path: /opt/CAPEv2/storage/binaries/255c98a5e8bae1dd58de5d01dc403c2cc05be3c7ddc1109abd99eb1c2e372c74
crc32: 3BC26445
md5: 6a2173a121bdd444ffde8b8d93140351
sha1: b6d00428d4ce1ff3ea476e86a56a63b580649010
sha256: 255c98a5e8bae1dd58de5d01dc403c2cc05be3c7ddc1109abd99eb1c2e372c74
sha512: 0267d52861a2a611a05b9886df0111f8b4dd4477fbd1972a460283bba23e85c32a87b2e66e67985f9b0a7d7be62e236715af01f905a3bb844ab3142c1ee10102
ssdeep: 3072:gDKW1LgppLRHMY0TBfJvjcTp5X1YngbeI8zr4NoVF/:gDKW1Lgbdl0TBBvjc/1YngbU34NoVF/
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16144AD1075C0C1B2D4B7143184E6CA799A3A70324B7A96D7BBDD17BA6F122E1A3363CD
sha3_384: 68ec33383f94f4eff75868b87432833144b98dc02215ed1a23793c2f81ff2caeaf39f69655f9004dec841ef37af1d3cb
ep_bytes: e8e15c0000e9a4feffff8bff558bec83
timestamp: 2012-07-13 22:47:16

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: DTM soft
FileDescription: Database stress testing tool
FileVersion: 1.24.12.0
LegalCopyright: © 2004-2020 DTM soft
ProductName: DTM DB Stress
ProductVersion: 1.24.12.0
Translation: 0x0000 0x04b0

Bulz.109136 also known as:

Lionic: Trojan.Win32.Bulz.4!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.6a2173a121bdd444
ALYac: Gen:Variant.Bulz.109136
Cylance: Unsafe
Zillya: Trojan.Reline.Win32.339
Sangfor: Infostealer.MSIL.MassLogger.MTB
K7AntiVirus: Spyware ( 0054a0841 )
Alibaba: TrojanPSW:MSIL/Reline.3a3c4afe
K7GW: Spyware ( 0054a0841 )
Cybereason: malicious.121bdd
BitDefenderTheta: Gen:NN.ZexaF.34212.qq3@aOSLtn
Cyren: W32/Trojan.DAN.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Spy.Agent.BYF
Paloalto: generic.ml
Kaspersky: Trojan-PSW.MSIL.Reline.akp
BitDefender: Gen:Variant.Bulz.109136
MicroWorld-eScan: Gen:Variant.Bulz.109136
Avast: WAT:Blacked-AB [Trj]
Tencent: Msil.Trojan-qqpass.Qqrob.Wofx
Ad-Aware: Gen:Variant.Bulz.109136
Emsisoft: Gen:Variant.Bulz.109136 (B)
Comodo: Malware@#11tm3g5qjylml
F-Secure: Trojan.TR/Dropper.Gen
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.dh
Sophos: Mal/Generic-S
GData: Win32.Trojan.Sabsik.B
MaxSecure: Trojan.Malware.300983.susgen
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan[Spy]/MSIL.Agent
Arcabit: Trojan.Bulz.D1AA50
ZoneAlarm: Trojan-PSW.MSIL.Reline.akp
Microsoft: PWS:MSIL/MassLogger!MTB
SentinelOne: Static AI – Malicious PE
AhnLab-V3: Malware/Win32.Generic.C4285129
Acronis: suspicious
McAfee: Artemis!6A2173A121BD
VBA32: TrojanPSW.MSIL.Reline
Malwarebytes: Spyware.RedLineStealer
APEX: Malicious
Rising: Spyware.Agent!8.C6 (CLOUD)
MAX: malware (ai score=80)
eGambit: Unsafe.AI_Score_95%
Fortinet: MSIL/Agent.BYF!tr
AVG: WAT:Blacked-AB [Trj]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_60% (D)

How to remove Bulz.109136?

Bulz.109136 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
