What is "Bulz.302274"? – Adware Reports

The Bulz.302274 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Bulz.302274 virus can do?

Executable code extraction
Creates RWX memory
Unconventionial language used in binary resources: Serbian
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Network activity detected but not expressed in API logs
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Bulz.302274?


File Info:
crc32: 967AC695
md5: a2e3c0c01670119412c1beae95e37415
name: A2E3C0C01670119412C1BEAE95E37415.mlw
sha1: 913f416ad7fdb60faf9e40030fb33259457045d5
sha256: eec9f565329a6a6e4129c775a212eda9a3e23001dff996345538de0ea1f6bdfc
sha512: 1da28b8646f8e803aac167720b28c25fd6a677caecdcf152bd228541533faf05556e0385e403ace85de4458d36afd4ab6236612a7d47ae8064d13e8c56e88209
ssdeep: 6144:DoL3U0x7iUegkmo7re48FMaM3VTFroatgeESEhasDnHf6Vw:fa7iUenmkru6FlRoaXE9asLi6
type: PE32 executable (GUI) Intel 80386 system file, for MS Windows, UPX compressed

Version Info:
InternalName: triwilbifor.occ
FileVersion: 6.26.341
Copyright: Copyrighz (C) 2020, wodkafull
ProductVersion: 1.10.27
TranslationUsa: 0x0173 0x00dc

Bulz.302274 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.302274
FireEye	Generic.mg.a2e3c0c016701194
CAT-QuickHeal	Trojan.Multi
McAfee	RDN/Generic PWS.y
Cylance	Unsafe
Zillya	Trojan.Stealer.Win32.9845
AegisLab	Trojan.Multi.Generic.4!c
Sangfor	Malware
K7AntiVirus	Riskware ( 0040eff71 )
BitDefender	Gen:Variant.Bulz.302274
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.ad7fdb
Cyren	W32/Trojan.PBUD-2851
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:BotX-gen [Trj]
ClamAV	Win.Packed.Predatorthief-9820523-0
Kaspersky	Trojan-Spy.Win32.Stealer.wfy
Alibaba	TrojanSpy:Win32/Stealer.7ae476d6
ViRobot	Trojan.Win32.Z.Bulz.352768
Rising	Ransom.ScarletFlash!8.1142F (TFE:5:IxrZyQ9FrYU)
Ad-Aware	Gen:Variant.Bulz.302274
Emsisoft	Gen:Variant.Bulz.302274 (B)
Comodo	Malware@#24y8lzr2bapju
F-Secure	Trojan.TR/Crypt.Agent.cqpcl
DrWeb	Trojan.PWS.Siggen2.61073
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Trojan.Win32.GLUPTEBA.THAAABA
McAfee-GW-Edition	BehavesLike.Win32.RansomGandCrab.fc
Sophos	Mal/Generic-S
Ikarus	Trojan.Win32.Krypt
Jiangmin	TrojanSpy.Stealer.dnk
Webroot	W32.Trojan.Agent.Gen
Avira	TR/Crypt.Agent.cqpcl
MAX	malware (ai score=100)
Antiy-AVL	Trojan/Win32.Kryptik
Kingsoft	win32.unknown.virusname.(kcloud)
Microsoft	Trojan:Win32/Azorult.MS!MTB
Gridinsoft	Trojan.Win32.Packed.oa
Arcabit	Trojan.Bulz.D49CC2
ZoneAlarm	Trojan-Spy.Win32.Stealer.wfy
GData	Gen:Variant.Bulz.302274
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win32.RL_Generic.R362748
Acronis	suspicious
BitDefenderTheta	Gen:NN.ZexaF.34780.vmKfa4p@IXgG
ALYac	Spyware.Infostealer.RedLine
VBA32	BScope.Trojan.Azorult
Malwarebytes	Trojan.MalPack.GS
Panda	Trj/GdSda.A
ESET-NOD32	a variant of Win32/Kryptik.HIRF
TrendMicro-HouseCall	Trojan.Win32.GLUPTEBA.THAAABA
Tencent	Win32.Trojan-spy.Stealer.Lnnv
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_98%
Fortinet	W32/Kryptik.HIRY!tr
AVG	Win32:BotX-gen [Trj]
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_80% (D)
Qihoo-360	Generic/HEUR/QVM11.1.8840.Malware.Gen

How to remove Bulz.302274?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

What is “Bulz.302274”?