Categories: Malware

Should I remove “Bulz.177322”?

The Bulz.177322 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Bulz.177322 virus can do?

Executable code extraction
Creates RWX memory
Reads data out of its own binary image
Drops a binary and executes it
Unconventionial language used in binary resources: Russian
Uses Windows utilities for basic functionality
Network activity detected but not expressed in API logs
Collects information to fingerprint the system
Anomalous binary characteristics
Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Bulz.177322?


File Info:
crc32: FE4F5CB6md5: 0655389a00b529becec010a068597469name: 0655389A00B529BECEC010A068597469.mlwsha1: 513933c2da18522767cbef1672d9700c7b3dda5esha256: 4a760d8a5c43817301452be1ba05fb63a5d9b1a82aca19bf8c1f7c20cb0aa1dasha512: b3386dcb54f6302e04447f5e3000357324ee726c111533ed10a18345a487c00e3fe322d57fc796ed42bb158915e9dfa2a885acc519cf485edc78a6d8606a7108ssdeep: 12288:dtLXhm+CP5PFv4GTy7kQPGowKCMy9Gan+E/XdFl0:d/m+CPhFglkBowKCPRZfdF+type: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright: Company                                                                                             FileDescription: WinProductKeyViewer 1.00 Installation                       FileVersion: 1.00                Comments: CompanyName: Company                                                     Translation: 0x0409 0x04e4

Bulz.177322 also known as:

K7AntiVirus	Trojan ( 00521db01 )
Lionic	Trojan.Win32.Generic.4!c
DrWeb	Trojan.MulDrop7.59106
Cynet	Malicious (score: 99)
ALYac	Trojan.Generic.22851918
Cylance	Unsafe
Sangfor	Trojan.Win32.GenericKD.6387566
Alibaba	Trojan:MSIL/Generic.75f0660a
K7GW	Trojan ( 00521db01 )
Cybereason	malicious.a00b52
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	multiple detections
APEX	Malicious
Avast	Win32:Malware-gen
BitDefender	Gen:Variant.Bulz.177322
NANO-Antivirus	Trojan.Win32.Mlw.exbkwr
MicroWorld-eScan	Gen:Variant.Bulz.177322
Tencent	Win32.Trojan.Generic.Een
BitDefenderTheta	Gen:NN.ZemsilF.34170.bm0@aWzykeo
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Dropper.jc
FireEye	Gen:Variant.Bulz.177322
Emsisoft	Trojan.Generic.22851918 (B)
SentinelOne	Static AI – Suspicious PE
Avira	TR/Clicker.eipea
eGambit	Unsafe.AI_Score_99%
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Trojan.Generic.22851918
McAfee	Artemis!0655389A00B5
MAX	malware (ai score=83)
VBA32	Trojan.MSIL.gen.a.12
Malwarebytes	Malware.AI.2571076471
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_GEN.R002H0CEP21
Yandex	Trojan.Agent!26+lhHfprgk
Ikarus	Trojan-Dropper.Win32.Agent
Fortinet	MSIL/TrojanClicker_Small.NBU!tr
AVG	Win32:Malware-gen