Bulz.274126 (B) removal

The Bulz.274126 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Bulz.274126 (B) virus can do?

Executable code extraction
Attempts to connect to a dead IP:Port (3 unique times)
Creates RWX memory
A process created a hidden window
Performs some HTTP requests
Unconventionial language used in binary resources: Norwegian (Nynorsk)
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Uses Windows utilities for basic functionality
Steals private information from local Internet browsers
Exhibits possible ransomware file modification behavior
Writes a potential ransom message to disk
Attempts to modify proxy settings
Anomalous binary characteristics
Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz

a.tomx.xyz

www.cncode.pw

iplogger.org

ocsp.comodoca.com

ocsp.usertrust.com

ocsp.sectigo.com

How to determine Bulz.274126 (B)?


File Info:
crc32: 3CC0CED6
md5: dee19dc1523b455fe966856b1e40c318
name: DEE19DC1523B455FE966856B1E40C318.mlw
sha1: 19acd9c45ef53554c50d8b0e3325f39f167f8324
sha256: a5632f56cdc26f840cda9dab027856c8100f37a44446de8f25778b092640b3ed
sha512: f9f9af9a7aa6f1c6fcf92a04e3481fddaa684ee967949c4c8b6350e173b766440f52f258fbd09d6eb22ee82b99b68310ed8f234831a6d7da60c5636e7dd741d6
ssdeep: 12288:PSIEKSVBxZVx9ZzIQR8OAhXje03tC+VUdlqWn:aI3UBNv1IQR8OAhXjeAtYdlqW
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed

Version Info:
InternalName: triwilbifes.acs
FileVers: 26.26.361
ProductVersion: 1.0.22
Copyright: Copyrighz (C) 2020, fadkafug
TranslationUsa: 0x0272 0x04d4

Bulz.274126 (B) also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.274126
McAfee	RDN/Generic.dx
Cylance	Unsafe
Sangfor	Malware
Alibaba	TrojanPSW:Win32/Glupteba.27010186
K7GW	Trojan ( 00574dcf1 )
Cybereason	malicious.1523b4
BitDefenderTheta	Gen:NN.ZexaF.34700.HmKfaimz0MaG
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Dropper.Tofsee-9812536-0
Kaspersky	HEUR:Trojan-PSW.Win32.Tepfer.vho
BitDefender	Gen:Variant.Bulz.274126
AegisLab	Trojan.Win32.Tepfer.i!c
Avast	Win32:MalwareX-gen [Trj]
Rising	Trojan.Kryptik!8.8 (TFE:5:4GYgIj05huN)
Ad-Aware	Gen:Variant.Bulz.274126
Emsisoft	Gen:Variant.Bulz.274126 (B)
F-Secure	Trojan.TR/AD.Socelars.BX
DrWeb	Trojan.PWS.Stealer.29729
TrendMicro	TROJ_GEN.R002C0DLS20
McAfee-GW-Edition	BehavesLike.Win32.Trojan.hc
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.Bulz.274126
eGambit	Unsafe.AI_Score_94%
Avira	TR/AD.Socelars.BX
MAX	malware (ai score=100)
Gridinsoft	Trojan.Win32.Kryptik.oa
Arcabit	Trojan.Bulz.D42ECE
ZoneAlarm	HEUR:Trojan-PSW.Win32.Tepfer.vho
Microsoft	Trojan:Win32/Glupteba.NR!MTB
Cynet	Malicious (score: 100)
Acronis	suspicious
VBA32	BScope.Trojan.Glupteba
ALYac	Gen:Variant.Bulz.274126
Malwarebytes	Trojan.MalPack.GS
ESET-NOD32	a variant of Win32/Kryptik.HIIF
TrendMicro-HouseCall	TROJ_GEN.R002C0DLS20
Tencent	Win32.Trojan-qqpass.Qqrob.Wwxt
Ikarus	Win32.Outbreak
Fortinet	W32/Kryptik.HIFA!tr
AVG	FileRepMalware
CrowdStrike	win/malicious_confidence_80% (D)
Qihoo-360	Win32/Trojan.PSW.a4a

How to remove Bulz.274126 (B)?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.