Bulz.133588 (file analysis)

Bulz.133588 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.133588 virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Bulz.133588?


File Info:

name: DE893BBA669500105E3E.mlw
path: /opt/CAPEv2/storage/binaries/829b2c8aea6a2fa9b38cbd203d5cbbec8800817aca6789c0a562a116e6bde94c
crc32: 341AA5E7
md5: de893bba669500105e3e428c354dbfd3
sha1: 3186ac51bb8670eb32cea64dea8f6f135f4ee910
sha256: 829b2c8aea6a2fa9b38cbd203d5cbbec8800817aca6789c0a562a116e6bde94c
sha512: 89b4480ab6c3583d5062cbc97996966e46807567c3ec03fba33f07115c4ff4e2fd4e6d54b5f7b580b6b5e3ba77e6cf082790d550afe8c7b043c4198f57306bb1
ssdeep: 1536:Ybtfqx4yadnpU5stHVcwP8IyrstePx4dU+jO:Y5fqx47dGebP7c64
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T122338CE542BC8E10DFB51BF9A0531D00977F91A5AA92D94E6EC950CBFE76BC89003B43
sha3_384: 33d36a349bfd81acd875ca5fbdccaa3bfed10a71c161894a1893b730f3a87f1176081ae9d0c762519263443a77c7703e
ep_bytes: ff250020400000000000000000000000
timestamp: 2074-03-15 04:32:25

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Discord Webhook Spammer
FileVersion: 1.0.0.0
InternalName: Discord Webhook Spammer.exe
LegalCopyright: Copyright © 2020
LegalTrademarks:
OriginalFilename: Discord Webhook Spammer.exe
ProductName: Discord Webhook Spammer
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Bulz.133588 also known as:

Lionic: Trojan.MSIL.Agent.m!c
MicroWorld-eScan: Gen:Variant.Bulz.133588
FireEye: Gen:Variant.Bulz.133588
ALYac: Gen:Variant.Bulz.133588
Cylance: Unsafe
Zillya: Backdoor.Agent.Win32.80361
Sangfor: Backdoor.MSIL.Agent.gen
Cybereason: malicious.a66950
Cyren: W32/Trojan.RGYW-5871
Symantec: ML.Attribute.HighConfidence
TrendMicro-HouseCall: TROJ_GEN.R002H07LA21
Kaspersky: VHO:Backdoor.MSIL.Agent.gen
BitDefender: Gen:Variant.Bulz.133588
Avast: FileRepMalware
Ad-Aware: Gen:Variant.Bulz.133588
Sophos: Mal/Generic-R
McAfee-GW-Edition: Artemis
Emsisoft: Gen:Variant.Bulz.133588 (B)
GData: Gen:Variant.Bulz.133588
Webroot: W32.Malware.Gen
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: Artemis!DE893BBA6695
Malwarebytes: MachineLearning/Anomalous.95%
APEX: Malicious
MAX: malware (ai score=87)
MaxSecure: Trojan.Malware.8703358.susgen
Fortinet: PossibleThreat
AVG: FileRepMalware

How to remove Bulz.133588?

Bulz.133588 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
