Categories: Malware

About “Bulz.238074” infection

The Bulz.238074 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Bulz.238074 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Harvests cookies for information gathering

How to determine Bulz.238074?


File Info:
name: 16AB404561CB28549094.mlwpath: /opt/CAPEv2/storage/binaries/d0c63be6797e7f245fb3a3c340365c12f1f51f8b40e70619267049db539bf5d6crc32: FE927BA5md5: 16ab404561cb28549094bb64f21cfb6csha1: 6fcda5f5d2eb6135c1867ccb3861398af5d87e87sha256: d0c63be6797e7f245fb3a3c340365c12f1f51f8b40e70619267049db539bf5d6sha512: 8b030bb8191a213e0d51917cd1f10883ec30b34258eba5f4ab3369839332a79d494ca2d61829639fba1f3a10cf0f9f270b597858bd653398a40a55068d4ba045ssdeep: 49152:rOlEeyAxiMHweK8MTuYlnDV7D2voyDHdOJESZw6Gxz5GJghogWwE/K/wow1Gjg+c:rIWAxv8d2vFD9OJESlzbwL++A33type: PE32 executable (console) Intel 80386, for MS Windowstlsh: T191166B50F9DB60F5F6074A3045A7A37F6330A6099738CBD7CA909FA6FC17AE10932256sha3_384: b765524c7da8eafe782ead04ffa2e0e5a5b43f0e6007e69d7b25a7255e00ceb7b14b1090a17cf844b6981e4f12bf567aep_bytes: e90bdbffffcccccccccccccccccccccctimestamp: 1970-01-01 00:00:00
Version Info:
0: [No Data]

Bulz.238074 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.238074
FireEye	Gen:Variant.Bulz.238074
McAfee	Artemis!16AB404561CB
Cylance	Unsafe
Zillya	Trojan.Udochka.Win32.49
Sangfor	Ransom.Win32.Filecoder.NZJ
K7AntiVirus	Trojan ( 00570c7f1 )
Alibaba	Trojan:Win32/Udochka.5487e379
K7GW	Trojan ( 00570c7f1 )
Cybereason	malicious.561cb2
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Filecoder.NZJ
APEX	Malicious
Paloalto	generic.ml
Kaspersky	Trojan.Win32.Udochka.gs
BitDefender	Gen:Variant.Bulz.238074
NANO-Antivirus	Trojan.Win32.Udochka.ignqpa
Avast	Win32:Trojan-gen
Emsisoft	Gen:Variant.Bulz.238074 (B)
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Trojan.rh
Sophos	Mal/Generic-S
SentinelOne	Static AI – Suspicious PE
Avira	TR/FileCoder.biwgy
Antiy-AVL	Trojan/Generic.ASMalwS.310A6DC
Microsoft	Trojan:Win32/Glupteba!ml
GData	Gen:Variant.Bulz.238074
Cynet	Malicious (score: 99)
AhnLab-V3	Malware/Gen.Reputation.C4212635
BitDefenderTheta	AI:Packer.88AEF6DE21
ALYac	Gen:Variant.Bulz.238074
MAX	malware (ai score=81)
Rising	Trojan.Filecoder!8.68 (CLOUD)
Yandex	Trojan.Udochka!6YEJijDMsV8
Ikarus	Trojan-Ransom.FileCrypter
MaxSecure	Trojan.Malware.109859067.susgen
Fortinet	W32/Encoder.261C!tr.ransom
AVG	Win32:Trojan-gen
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_100% (W)