Malware

Bulz.273037 malicious file

Malware Removal

The Bulz.273037 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Bulz.273037 virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • CAPE detected the CoinMiner02 malware family

How to determine Bulz.273037?



File Info:

name: 618EAC89868E86560944.mlw
path: /opt/CAPEv2/storage/binaries/8cddb082b17bb3d6e4b1ce9c0128678001899122a34d7714d6aa5a149f18823b
crc32: E41CE5B4
md5: 618eac89868e86560944b7905f9029ac
sha1: fd2f9bdf4fa02475bf45b564aa9abd4c143529eb
sha256: 8cddb082b17bb3d6e4b1ce9c0128678001899122a34d7714d6aa5a149f18823b
sha512: 20845082e4119adbd89df502278061c2e9a6a93861dc079cb20e686cac3601ef4695d0e65510f09b29f954d66374cacadd52e2d47b64fee6fc88445e4263adf9
ssdeep: 12288:gjZYLXd1PKYUb5Pel626BIpSn77BOUa/pkN/SqAqRiENaS:gjZm1Kzen6BIpufQv/ySqAq
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T146D4233B6772D58AC76082B5F087E7A9532E5CE7CB09150E07613EAF346BA51C89F083
sha3_384: a075da40ce6e150ce2b5e3b7f6fb92e99d5154b3dbecd84655b5ddf08c36b7ee80cfeba01e78d106969a06ae8eaa5a08
ep_bytes: 53565755488d35a523f7ff488dbe0020
timestamp: 2021-11-11 17:54:48


Version Info:

CompanyName: Google LLC
FileDescription: Google Chrome
FileVersion: 10.0.19041.542
LegalCopyright: Copyright 2021 Google LLC. All rights reserved.
OriginalFilename: chrome.exe
ProductName: Google Chrome
ProductVersion: 10.0.19041.542
Translation: 0x0000 0x04b0

Bulz.273037 also known as:

LionicTrojan.Win32.Miner.4!c
Elasticmalicious (high confidence)
CynetMalicious (score: 100)
McAfeeRDN/Generic PUP.z
K7AntiVirusAdware ( 005577a81 )
AlibabaTrojan:Win32/Miner.64fe149e
K7GWAdware ( 005577a81 )
CrowdStrikewin/malicious_confidence_60% (W)
SymantecTrojan.Gen.2
ESET-NOD32Win64/CoinMiner.AFN
APEXMalicious
Paloaltogeneric.ml
KasperskyHEUR:Trojan.Win32.Miner.gen
BitDefenderGen:Variant.Bulz.273037
MicroWorld-eScanGen:Variant.Bulz.273037
AvastWin64:CoinminerX-gen [Trj]
TencentWin32.Trojan.Miner.Wncw
Ad-AwareGen:Variant.Bulz.273037
SophosXMRig Miner (PUA)
DrWebTrojan.Siggen15.57580
TrendMicroTROJ_GEN.R011C0DL221
McAfee-GW-EditionBehavesLike.Win64.Dropper.jc
FireEyeGeneric.mg.618eac89868e8656
EmsisoftGen:Variant.Bulz.273037 (B)
SentinelOneStatic AI – Malicious PE
GDataGen:Variant.Bulz.273037
AviraTR/CoinMiner.iemma
MAXmalware (ai score=80)
Antiy-AVLTrojan/Generic.ASMalwS.34DAF5D
GridinsoftRansom.Win64.Gen.sa
ArcabitTrojan.Bulz.D42A8D
MicrosoftTrojan:Win64/DisguisedXMRigMiner
AhnLab-V3Win-Trojan/Miner3.Exp
Acronissuspicious
ALYacGen:Variant.Bulz.273037
VBA32Trojan.Miner
MalwarebytesTrojan.BitCoinMiner
TrendMicro-HouseCallTROJ_GEN.R011C0DL221
RisingHackTool.CoinMiner!1.B971 (CLASSIC)
YandexTrojan.Miner!DfFXiaWnx5Y
MaxSecureTrojan.Malware.121218.susgen
FortinetAdware/Miner
AVGWin64:CoinminerX-gen [Trj]
Cybereasonmalicious.9868e8
PandaTrj/CI.A

How to remove Bulz.273037?

Bulz.273037 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment