Should I remove “Bulz.134753”?

Bulz.134753 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Bulz.134753 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with ASPack
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Bulz.134753?


File Info:

name: 60E5B4C54B03E2AA6F66.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-05-19 06:11:10

Version Info:

CompanyName: 178网游工作室
FileDescription: 商业程序
InternalName: LoginTools.exe
LegalCopyright: 版权所有 (C) 2010
OriginalFilename: LoginTools.exe
ProductName: 商业程序
ProductVersion: 1, 0, 0, 0
FileVersion: 1,0,0,0
Translation: 0x0804 0x03a8

Bulz.134753 is also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Bulz.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Bulz.134753
FireEye: Generic.mg.60e5b4c54b03e2aa
ALYac: Gen:Variant.Bulz.134753
Cylance: Unsafe
Zillya: Tool.GameTool.Win32.870
Sangfor: Infostealer.Win32.Zbot.ml
K7AntiVirus: Riskware ( 005439d61 )
Alibaba: Malware:Win32/km_2ebce5.None
K7GW: Riskware ( 005439d61 )
Cybereason: malicious.54b03e
Cyren: W32/Bulz.V.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/RiskWare.GameTool.S
APEX: Malicious
Avast: Win32:Malware-gen
BitDefender: Gen:Variant.Bulz.134753
Tencent: Malware.Win32.Gencirc.10cf5b3a
Ad-Aware: Gen:Variant.Bulz.134753
Emsisoft: Gen:Variant.Bulz.134753 (B)
DrWeb: Trojan.DownLoader39.32778
TrendMicro: TROJ_GEN.R03BC0DB322
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Sophos: Mal/Generic-S
Paloalto: generic.ml
GData: Gen:Variant.Bulz.134753
Jiangmin: Trojan.Bulz.h
Avira: HEUR/AGEN.1214757
Antiy-AVL: Trojan/Generic.ASMalwS.336B874
Gridinsoft: Ransom.Win32.Zbot.sa
Microsoft: PWS:Win32/Lmir.BMQ
Cynet: Malicious (score: 99)
AhnLab-V3: Malware/Win32.RL_Generic.R329115
McAfee: GenericRXAA-FA!60E5B4C54B03
MAX: malware (ai score=86)
VBA32: Trojan.SDP.27105
Malwarebytes: RiskWare.GameTool
TrendMicro-HouseCall: TROJ_GEN.R03BC0DB322
Rising: Malware.Lmir!8.E96A (CLOUD)
Yandex: Trojan.GenAsa!8M74xrHXt8Q
MaxSecure: Trojan.Malware.109381195.susgen
Fortinet: W32/Fugrafa.7364!tr
BitDefenderTheta: Gen:NN.ZelphiF.34212.qT0baO62Xadi
AVG: Win32:Malware-gen

How to remove Bulz.134753?

Bulz.134753 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
