Categories: Malware

Bulz.12160 removal tips

The Bulz.12160 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Bulz.12160 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Reads data out of its own binary image
Unconventionial binary language: Russian
Authenticode signature is invalid

How to determine Bulz.12160?


File Info:
name: 6023A10CF8587CA35D2C.mlwpath: /opt/CAPEv2/storage/binaries/db533d2205c9ed65de65d9ea54667de43cdedcae662fd18d0eaa6e8321ca8b40crc32: 00A61E63md5: 6023a10cf8587ca35d2c5c6b48da7ad6sha1: 280594b020390d31471e7985f0d69f65e80f5024sha256: db533d2205c9ed65de65d9ea54667de43cdedcae662fd18d0eaa6e8321ca8b40sha512: cf46ab6d762f5fe34e6701283f44163707c5bdae648214bc4235813d2cb4adf4ed752da28c3ff7ecec29df4523cac76f4ab71202060455f8d9abddc43e5df15dssdeep: 49152:zvtryIs/7ZjbcaN3eETMNELBNczoM6rHXPT6YFCm8M2qc0a5aP+b0Ui0eQRyF:RGB/hgaN3eETMNo0uHX/EmB2ot+YUi26type: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T118F5AD13BAD58031D9B10071C5F9AA261AAD7E3CDB25D7C392C41FAA3A371C35B352E6sha3_384: 3b4ef90af86ccc211f420b61429b55365c4b2398e35a11b535fa3f7b708e7ba874914170a5d4cc80355abcba56dc8857ep_bytes: e85c050000e97afeffffcccccccccccctimestamp: 2019-12-18 18:44:31
Version Info:
CompanyName:                                                                                                     FileDescription:                                                                                                     FileVersion:                                         LegalCopyright:                                                                                                     Translation: 0x0419 0x04b0

Bulz.12160 also known as:

Lionic	Trojan.Win32.Bulz.4!c
MicroWorld-eScan	Gen:Variant.Bulz.12160
FireEye	Gen:Variant.Bulz.12160
McAfee	Artemis!6023A10CF858
Zillya	Trojan.Keylogger.Win32.14
Cybereason	malicious.cf8587
Cyren	W32/Trojan.FHH.gen!Eldorado
APEX	Malicious
ClamAV	Win.Keylogger.Ursu-9870720-0
BitDefender	Gen:Variant.Bulz.12160
Avast	FileRepMalware
Ad-Aware	Gen:Variant.Bulz.12160
Emsisoft	Gen:Variant.Bulz.12160 (B)
McAfee-GW-Edition	BehavesLike.Win32.BadFile.wc
GData	Win32.Trojan.PSE.JLGP79
Jiangmin	TrojanSpy.KeyLogger.mwo
MAX	malware (ai score=80)
Arcabit	Trojan.Bulz.D2F80
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
VBA32	TrojanSpy.Keylogger
ALYac	Gen:Variant.Bulz.12160
TrendMicro-HouseCall	TROJ_GEN.R002H09L721
Rising	Malware.Obscure/Heur!1.A89E (CLASSIC)
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/PossibleThreat
AVG	FileRepMalware