Malware

Bulz.293923 (file analysis)

Malware Removal

The Bulz.293923 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Bulz.293923 virus can do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous .NET characteristics

How to determine Bulz.293923?



File Info:

name: 08AAFAC3C8E3E31520A8.mlw
path: /opt/CAPEv2/storage/binaries/f0421102a94372996521f85a44770b732231f708253a86339786485b41d4bf03
crc32: E84E0636
md5: 08aafac3c8e3e31520a88c34bca9727a
sha1: a1ad88975a9cfd244d4c2a20d195e9d8c67b694b
sha256: f0421102a94372996521f85a44770b732231f708253a86339786485b41d4bf03
sha512: a86624b5f9787d66d75df282d80a3ceca3c8404d249e7e6965704943a73debc2cc51dd16b119ce6b6d921d0a75721a9e5aa77cb5350a2e83a8c445e5879f4d8e
ssdeep: 24576:b2AuuwPVaADpi7YyCnYceSvZ66HvpX6LCHUKvmY:bkuwPSFOYxZ6y
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19D156C8F39BC4B56F9BA0AFCA0861664D15509832C33A22D7BF111581C639FB8F5DCDA
sha3_384: 02149e08fa973510fe9d9b8eda1abb5ade86a29f16f96b1fab1d21a049e264174a92c58d3a273cb6ad8a0a8a2c9e50d1
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-01-11 07:10:00


Version Info:

Translation: 0x0000 0x04b0
Comments: Microsoft Corporation
CompanyName: Microsoft Corporation
FileDescription: Windows Security
FileVersion: 10.0.17763.0
InternalName: Windows Security.exe
LegalCopyright: © Microsoft Corporation. All Rights Reserved.
OriginalFilename: Windows Security.exe
ProductName: Microsoft® Windows®-operativsystem
ProductVersion: 10.0.17763.0
Assembly Version: 0.0.0.0

Bulz.293923 also known as:

Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Bulz.293923
FireEyeGeneric.mg.08aafac3c8e3e315
McAfeeGenericRXOX-PK!08AAFAC3C8E3
CylanceUnsafe
SangforSuspicious.Win32.Save.a
K7AntiVirusTrojan ( 0056de5c1 )
AlibabaTrojan:MSIL/Kryptik.8863990a
K7GWTrojan ( 0056de5c1 )
Cybereasonmalicious.3c8e3e
CyrenW32/MSIL_Kryptik.ESN.gen!Eldorado
ESET-NOD32a variant of MSIL/Kryptik.XQH
APEXMalicious
KasperskyUDS:Trojan-Spy.MSIL.Quasar.gen
BitDefenderGen:Variant.Bulz.293923
AvastWin32:RATX-gen [Trj]
Ad-AwareGen:Variant.Bulz.293923
SophosML/PE-A
McAfee-GW-EditionGenericRXOX-PK!08AAFAC3C8E3
EmsisoftGen:Variant.Bulz.293923 (B)
SentinelOneStatic AI – Malicious PE
GDataGen:Variant.Bulz.293923
AviraHEUR/AGEN.1141614
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
CynetMalicious (score: 100)
AhnLab-V3Trojan/Win32.Generic.R369179
BitDefenderThetaGen:NN.ZemsilF.34114.2m0@ai3674c
ALYacGen:Variant.Bulz.293923
MAXmalware (ai score=82)
MalwarebytesTrojan.Crypt.MSIL.Generic
IkarusTrojan.MSIL.Crypt
FortinetMSIL/Kryptik.XQH!tr
AVGWin32:RATX-gen [Trj]
CrowdStrikewin/malicious_confidence_100% (W)
MaxSecureTrojan.Malware.300983.susgen

How to remove Bulz.293923?

Bulz.293923 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment