What is “Bulz.258796”?

Bulz.258796 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.258796 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Attempts to disable UAC
  • Attempts to modify or disable Security Center warnings
  • Anomalous binary characteristics

How to identify Bulz.258796?

File Info:

name: ECE40803ACA1474BC51B.mlw
path: /opt/CAPEv2/storage/binaries/174833540eba7b9b7b6b5189e033480ca45b6fb7fbd7b2197c8fd3d94c4d1e33
crc32: 42B9EF3D
md5: ece40803aca1474bc51bb6fca51aa0db
sha1: 47cf4ec1d796d76a20934b120941c50330f13a0b
sha256: 174833540eba7b9b7b6b5189e033480ca45b6fb7fbd7b2197c8fd3d94c4d1e33
sha512: 2c6d266028292bef0c2c6af4eaeec3a7cf07e5bc40ef483563c0f7c0542350f90597dde05276d66bb6457e9ad10c71d52358c63d83189d6449ea79aa24a1f345
ssdeep: 768:+fIrEdhAo30eMW8/CKXjZj3CjlFj3gFv9fIrEdhAo30eMW8neu:2AokeM3/CKV9FvJAokeM3eu
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EF63E6AA7B08D2A0D5B88531D947EBF56223BCB3EE72174771943F6F2831D019A4670B
sha3_384: 8f34e5dea844800dae6b68aad192d4a1e2daada0a9725a114601c2e655e8e1e399c72cce50480acb80d45ab53408d93f
ep_bytes: 68d86b4000e8f0ffffff000000000000
timestamp: 2011-05-25 03:11:17

Version Info:

Translation: 0x0409 0x04b0
ProductName: Project1
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Project1
OriginalFilename: Project1.exe

Bulz.258796 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.l8yV
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Bulz.258796
FireEye: Generic.mg.ece40803aca1474b
Skyhigh: GenericRXCP-ED!ECE40803ACA1
McAfee: GenericRXCP-ED!ECE40803ACA1
Malwarebytes: Generic.Malware/Suspicious
Zillya: Trojan.Injector.Win32.518532
Sangfor: Suspicious.Win32.Save.vb
Alibaba: Trojan:Win32/VBKrypt.45784ee2
Cybereason: malicious.1d796d
Arcabit: Trojan.Bulz.D3F2EC
BitDefenderTheta: AI:Packer.AF8CA0FE20
VirIT: Trojan.Win32.Dnldr3.KHR
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Injector.CHZI
Cynet: Malicious (score: 100)
APEX: Malicious
Kaspersky: Trojan.Win32.VBKrypt.wgdd
BitDefender: Gen:Variant.Bulz.258796
NANO-Antivirus: Trojan.Win32.Dwn.lwxth
Avast: Win32:VBCrypt-AFB [Trj]
Tencent: Win32.Trojan.Vbkrypt.Njgl
Emsisoft: Gen:Variant.Bulz.258796 (B)
F-Secure: Heuristic.HEUR/AGEN.1368779
DrWeb: Trojan.DownLoader3.6959
VIPRE: Gen:Variant.Bulz.258796
TrendMicro: TROJ_GEN.R002C0PJV23
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1368779
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Win32.AGeneric
Kingsoft: malware.kb.a.996
Xcitium: Suspicious@#2vo5slvmot1fg
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: Trojan.Win32.VBKrypt.wgdd
GData: Gen:Variant.Bulz.258796
ALYac: Gen:Variant.Bulz.258796
VBA32: Malware-Cryptor.VB.gen.9
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002C0PJV23
Rising: Malware.Undefined!8.C (TFE:5:XD1NxIiekHN)
Ikarus: Trojan.Win32.Injector
MaxSecure: Trojan.Malware.1380692.susgen
Fortinet: W32/Dx.BCSZ!tr
AVG: Win32:VBCrypt-AFB [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Bulz.258796?

Bulz.258796 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.