Bulz.10966 (B) removal

Bulz.10966 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.10966 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Tries to suspend Cuckoo threads to prevent logging of malicious activity
  • Queries information on disks, possibly for anti-virtualization
  • Attempted to write directly to a physical drive

How to identify Bulz.10966 (B)?


File Info:

name: F6103ED9A67BAD6B0F02.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2016-04-02 22:14:34

Version Info:

CompanyName: Bureausoft Corporation
LegalCopyright: Copyright (c) 1999-2021 Authorsoft Corporation
LegalTrademarks: Big FAT32 Format
ProductName: Big FAT32 Format
FileVersion: 2.0.0.272
OriginalFilename: BigFAT32.exe
FileDescription: Big FAT32 Format
InternalName: Big FAT32 Format
ProductVersion: 2.0.0.272
Created: 비너스걸
Builder: VenusGirl 00:07:20 06/02/2022
Translation: 0x0000 0x04b0

Bulz.10966 (B) also known as:

Bkav: W32.AIDetect.malware2
MicroWorld-eScan: Gen:Variant.Bulz.10966
Cylance: Unsafe
K7AntiVirus: Trojan ( 7000001c1 )
BitDefender: Gen:Variant.Bulz.10966
K7GW: Trojan ( 7000001c1 )
Cybereason: malicious.9a67ba
APEX: Malicious
ClamAV: Win.Malware.Drivepack-9884589-1
NANO-Antivirus: Virus.Win32.Gen.ccmw
Sophos: Mal/VMProtBad-A
McAfee-GW-Edition: BehavesLike.Win32.Generic.rc
FireEye: Generic.mg.f6103ed9a67bad6b
Emsisoft: Gen:Variant.Bulz.10966 (B)
SentinelOne: Static AI – Malicious SFX
Jiangmin: Trojan/CoinMiner.ab.a
MAX: malware (ai score=82)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Gen:Variant.Bulz.10966
BitDefenderTheta: Gen:NN.ZexaF.34182.@R0@ae5ApEgm
ALYac: Gen:Variant.Bulz.10966
Rising: Malware.Heuristic!ET#83% (RDMK:cmRtazrJXdKTZ8RrBPRiKXS1J3S1)

How to remove Bulz.10966 (B)?

Bulz.10966 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
