How to remove “Bulz.130723”?

The Bulz.130723 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.130723 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine Bulz.130723?


File Info:
name: EF565F1B891E9455837A.mlw
path: /opt/CAPEv2/storage/binaries/602f58e3bae2a2574c081e8fc4263e711883b1de441710a81bd658bb80741549
crc32: A69B826D
md5: ef565f1b891e9455837a36ad1f02b963
sha1: 0af41bdc79ccc8a67a1576d430a214183d2d1cb6
sha256: 602f58e3bae2a2574c081e8fc4263e711883b1de441710a81bd658bb80741549
sha512: 1058507f7672dced4abde6029be8a08a0e92af57ff430853488a07d802de4f808cd2eb877726174f5dc8dee6c9ea5aa6d3fcd7dd6eb49f4f91b5f76dad82604f
ssdeep: 49152:nRgg4+lJS6/g0IDr6+d7U8fTTfLPpBR5KYz5gAhZGtQL19oxLFmABcsGp1mKLZA/:nRh1+1mS6MpCW8n7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D9F5A113EB88C915D83732B36611E27046B66C91A719C90964F63D9C1A31E83EEF739F
sha3_384: 63c17a9522a3c34e828ddd0b3d0a1b22bf91373fddf38367edfb2dab8517e165837f0a087c01f924e02bd58a6604a20a
ep_bytes: ff25002040000000000009ed253f766b
timestamp: 2017-02-01 21:53:15

Version Info:
Translation: 0x0000 0x04b0
Comments: Skype Tool
CompanyName: James Creations
FileDescription: James Reborns Skype Tool 5.6
FileVersion: 5.6.0.0
InternalName: James Reborns Skype Tool 5.6.exe
LegalCopyright: Copyright ©  2017
LegalTrademarks: @James Creations
OriginalFilename: James Reborns Skype Tool 5.6.exe
ProductName: James Reborns Skype Tool 5.6
ProductVersion: 5.6.0.0
Assembly Version: 5.6.0.0

Bulz.130723 also known as:

Lionic	Trojan.Win32.Bulz.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.130723
FireEye	Generic.mg.ef565f1b891e9455
ALYac	Gen:Variant.Bulz.130723
Cylance	Unsafe
Sangfor	Trojan.Win32.Wacatac.C
Cybereason	malicious.b891e9
Symantec	ML.Attribute.HighConfidence
BitDefender	Gen:Variant.Bulz.130723
Avast	Win32:Malware-gen
Tencent	Win32.Trojan.Generik.Amvu
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	Artemis!Trojan
Emsisoft	Gen:Variant.Bulz.130723 (B)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan.Generic.asluo
Webroot	W32.Gen.BT
Antiy-AVL	Trojan/Generic.ASMalwS.1E5D023
Microsoft	Program:Win32/Wacapew.C!ml
GData	Gen:Variant.Bulz.130723
McAfee	Artemis!EF565F1B891E
MAX	malware (ai score=88)
APEX	Malicious
Yandex	Trojan.Agent!kYcfaVpmyZs
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Generic!tr
AVG	Win32:Malware-gen
Panda	Trj/GdSda.A

How to remove Bulz.130723?

Bulz.130723 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X