Should I remove “Bulz.209601”?

The Bulz.209601 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.209601 virus can do?

Presents an Authenticode digital signature
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Bulz.209601?


File Info:
crc32: C8864E53
md5: c1cd6d4c93b3aa03705b43b2ee012833
name: C1CD6D4C93B3AA03705B43B2EE012833.mlw
sha1: c72949d904585e0b125b1b3132a3b759fdc8595b
sha256: 096a54d7b89554df0b4cb53e864ece1444c109bcf52b5deceefe9bed73ac4e91
sha512: 364ee3341e4854ac215fdb728683be5f4cf26a9984a2dc23d7fe3abcae4788d555f2ae911c04d7345d5191f36fe1eb9848611775d46bf5b9308ea3a28086bb75
ssdeep: 3072:W5FV05aJf0No9Ni+A1zo3k+0DaRiz/+V+SIlf:WDV05aJf0No9Ni+Czo3MI2/df
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
LegalCopyright: xa9 x514bx514bx514b. All rights reserved.
Assembly Version: 2.1.5.5
FileVersion: 4.3.1.7
CompanyName: x827ex827ex513f
LegalTrademarks: x4e1dx8feax426
Comments: x7ef4x420x827e x4e1dx5f00x8d3c
ProductName: x8feax41ex7ef4 x827ex41ax827e
ProductVersion: 2.1.5.5
FileDescription: x543ex543ex54e6 x410x5c14x8d1d
OriginalFilename: x8feax41ex7ef4 x827ex41ax827e.exe
Translation: 0x0409 0x0514

Bulz.209601 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.209601
FireEye	Generic.mg.c1cd6d4c93b3aa03
McAfee	PWS-FCSS!C1CD6D4C93B3
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
BitDefender	Gen:Variant.Bulz.209601
Cybereason	malicious.904585
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:DangerousSig [Trj]
Kaspersky	HEUR:Trojan-PSW.MSIL.Agensla.gen
Ad-Aware	Gen:Variant.Bulz.209601
Emsisoft	Gen:Variant.Bulz.209601 (B)
F-Secure	Trojan.TR/Dldr.Agent.lkplc
DrWeb	Trojan.Siggen10.62514
McAfee-GW-Edition	PWS-FCSS!C1CD6D4C93B3
Ikarus	Trojan.MSIL.Inject
Avira	TR/Dldr.Agent.lkplc
Microsoft	Trojan:Win32/Wacatac.C!ml
Arcabit	Trojan.Bulz.D332C1
ZoneAlarm	HEUR:Trojan-PSW.MSIL.Agensla.gen
GData	Gen:Variant.Bulz.209601
Cynet	Malicious (score: 85)
BitDefenderTheta	Gen:NN.ZemsilF.34634.Am1@aKUWrrgi
ALYac	Gen:Variant.Bulz.209601
MAX	malware (ai score=82)
Panda	Trj/GdSda.A
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.GZW
SentinelOne	Static AI – Malicious PE
eGambit	PE.Heur.InvalidSig
Fortinet	MSIL/Agent.GZW!tr.dldr
AVG	Win32:DangerousSig [Trj]
CrowdStrike	win/malicious_confidence_80% (D)

How to remove Bulz.209601?

Bulz.209601 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X