Malware

Should I remove “Bulz.170878”?

Malware Removal

The Bulz.170878 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Bulz.170878 virus can do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to determine Bulz.170878?



File Info:

name: F2D7F020ED77A995AC5C.mlw
path: /opt/CAPEv2/storage/binaries/c016699670a48c6b7adf3f66a2c39079c19e515a559d7f0ea58e3276ea6d87c0
crc32: 71FD8955
md5: f2d7f020ed77a995ac5c782f5735684d
sha1: 650a623cdbe92ee77989687c813ef4dca07700f0
sha256: c016699670a48c6b7adf3f66a2c39079c19e515a559d7f0ea58e3276ea6d87c0
sha512: 042f05e753aa5da917e6023fdaaff58ed6ab47b6dfc922abc753cee9138ac9c3b7aa65c471af8c6b9db351656c5ec72977ce4b122d397355c208c002550d6756
ssdeep: 1536:FsFibZ9QN2nhu4DJPiRPa2jsfozBCQZTAT8zo1:qYIN2nhJJaRy2wfozk82
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T190634B243AFA501AF173EF765FE4B9D6DA6EB6732B03A82D109103460B23A41DDD163D
sha3_384: 2eea93b55d7bf3e97e1a56ea34f30920735cf0eeb3b689f29248d7c22bdb921195a4c0f0aede2ed8e14e76636cabf38c
ep_bytes: ff25002040001234567890abcdef0000
timestamp: 2043-08-22 11:45:03


Version Info:

Translation: 0x0000 0x04b0
Comments: 
CompanyName: HP
FileDescription: WindowsApp1
FileVersion: 1.0.0.0
InternalName: WindowsApp1.exe
LegalCopyright: Copyright © HP 2022
LegalTrademarks: 
OriginalFilename: WindowsApp1.exe
ProductName: WindowsApp1
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Bulz.170878 also known as:

BkavW32.AIDetectNet.01
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_90% (D)
SymantecML.Attribute.HighConfidence
Elasticmalicious (high confidence)
ESET-NOD32a variant of MSIL/Kryptik.CKH
APEXMalicious
CynetMalicious (score: 100)
KasperskyVHO:Backdoor.MSIL.SpyGate.gen
BitDefenderGen:Variant.Bulz.170878
MicroWorld-eScanGen:Variant.Bulz.170878
RisingMalware.Obfus/MSIL@AI.90 (RDM.MSIL:bn0H+DUy6ZT8VUheS+jPeQ)
Ad-AwareGen:Variant.Bulz.170878
SophosML/PE-A
F-SecureTrojan.TR/Dropper.Gen
FireEyeGeneric.mg.f2d7f020ed77a995
EmsisoftGen:Variant.Bulz.170878 (B)
IkarusTrojan.MSIL.Krypt
GDataGen:Variant.Bulz.170878
AviraTR/Dropper.Gen
MAXmalware (ai score=85)
ArcabitTrojan.Bulz.D29B7E
ZoneAlarmVHO:Backdoor.MSIL.SpyGate.gen
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
AhnLab-V3Win-Trojan/MSILKrypt09.Exp
Acronissuspicious
ALYacGen:Variant.Bulz.170878
SentinelOneStatic AI – Malicious PE
MaxSecureTrojan.Malware.300983.susgen
FortinetMSIL/Kryptik.BDA!tr
BitDefenderThetaGen:NN.ZemsilF.34606.em0@a48cBdg
Cybereasonmalicious.0ed77a

How to remove Bulz.170878?

Bulz.170878 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment