
Bulz.165149 (file analysis)


Bulz.165149 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Bulz.165149 virus do?

  • The binary contains an unknown PE section name indicative of packing.
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect.
  • The Authenticode signature is invalid.
  • Network activity was detected but is not expressed in the API logs.

How to identify Bulz.165149?

File Info:

name: 2CCAC9D2A1FBC762F64D.mlw
path: /opt/CAPEv2/storage/binaries/07de7ed0648ef8f7152094109068e22bb142ff55bc73fc2fcf4620c8ac7e5e26
crc32: 8C4907F3
md5: 2ccac9d2a1fbc762f64ddec7af298d7e
sha1: ddb3cf056e8a56e0e13a50d318966961db1456ce
sha256: 07de7ed0648ef8f7152094109068e22bb142ff55bc73fc2fcf4620c8ac7e5e26
sha512: 607441404851b017a172a85e865d3247e3402dcf9d37c5cb73b94d92cf0b12ab6dbe24a09ba9b60a7b8539171ed6afafb70655864dd9c3bb2390adf6d6a7f13b
ssdeep: 196608:uCHbTFAZb62CcfJxXu2dtySVxevLFw91n71PjseZm3:uCHXFAZb1/ugMvRw91nBoec
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T1209623EE7258339CC41EC4749437FD05B2B6062E0AD7A9AE75CABFD07B9E421D602B05
sha3_384: 3103751e80ffb5dd3c6c7fa15bbf92ee2d8383cd31a3ad4860ee3aa190b5a628ec81774e5efd1b6fbb25bd71f2402b2a
ep_bytes: 684abadb81e8dbcc200051572ff25020
timestamp: 2021-11-26 11:44:44

Version Info:

0: [No Data]

Bulz.165149 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Bulz.165149
FireEye: Generic.mg.2ccac9d2a1fbc762
McAfee: Artemis!2CCAC9D2A1FB
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0055b8231 )
Alibaba: Packed:Win64/VMProtect.48de7800
K7GW: Trojan ( 0055b8231 )
Cybereason: malicious.2a1fbc
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win64/Packed.VMProtect.IH
APEX: Malicious
Paloalto: generic.ml
BitDefender: Gen:Variant.Bulz.165149
Avast: Win64:Trojan-gen
Ad-Aware: Gen:Variant.Bulz.165149
Emsisoft: Gen:Variant.Bulz.165149 (B)
McAfee-GW-Edition: BehavesLike.Win64.Generic.rc
Sophos: Mal/VMProtBad-A
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Bulz.165149
MAX: malware (ai score=82)
Gridinsoft: Ransom.Win64.Sabsik.sa
Arcabit: Trojan.Bulz.D2851D
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Bulz.165149
Malwarebytes: Generic.Malware/Suspicious
TrendMicro-HouseCall: TROJ_GEN.R002H09KQ21
Yandex: Trojan.VMProtect!AYdHjT7zPY0
Ikarus: Trojan.Win64.Vmprotect
Fortinet: W32/PossibleThreat
AVG: Win64:Trojan-gen
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Bulz.165149?

Bulz.165149 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
