Bulz.304051 information

The Bulz.304051 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.304051 virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Bulz.304051?


File Info:
name: 1937D5A853734874A0EF.mlw
path: /opt/CAPEv2/storage/binaries/88e6238b9329ac7eca5ff20016f896c4869760a44e2da20cfd070bf83db52d64
crc32: 4E424610
md5: 1937d5a853734874a0ef18d4acc43113
sha1: 37c4f8d0c6fea50f836c0a308b06de910205189a
sha256: 88e6238b9329ac7eca5ff20016f896c4869760a44e2da20cfd070bf83db52d64
sha512: e43cbf94a70683649ac126a68d37f0d69bb581864e5e1a6076f9a09e2a3a89f88b436d3ef41300af873ea1fc70f3fdb75fe69288bcf5c17ef100b4b802478a28
ssdeep: 384:J0qeDq8sGk+MGqf5feStn8/XZzVPWjpbW:JiDHs6sNG/XZA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18462D71437E08772D87ED9B888F279052771A60B1826CD5A1CCCC59F14B17E98AB3E7A
sha3_384: afead47d0310d857020c7a1f755257c2d6c9d426a124466023bac38e31adf4a690bfe3d37f88790ddba854b3efd45a37
ep_bytes: ff250020400000000000000000000000
timestamp: 2066-05-19 01:48:09

Version Info:
Translation: 0x0000 0x04b0
Comments: Host Process for Windows Services
CompanyName: Microsoft
FileDescription: Host Process for Windows Services
FileVersion: 1.0.0.0
InternalName: svchost.exe
LegalCopyright: Copyright ©  2022
LegalTrademarks: ©  Microsoft Corporation. All rights reversed.
OriginalFilename: svchost.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Bulz.304051 also known as:

Bkav	W32.AIDetectNet.01
Lionic	Trojan.MSIL.ClipBanker.7!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.304051
FireEye	Gen:Variant.Bulz.304051
McAfee	Artemis!1937D5A85373
Zillya	Trojan.ClipBanker.Win32.14405
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 0056880a1 )
BitDefender	Gen:Variant.Bulz.304051
K7GW	Trojan ( 0056880a1 )
Cybereason	malicious.853734
BitDefenderTheta	Gen:NN.ZemsilF.34698.am0@aK7BwRl
Cyren	W32/Trojan.DIS.gen!Eldorado
ESET-NOD32	a variant of MSIL/ClipBanker.PW
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Packed.Clipbanker-9949487-0
Kaspersky	HEUR:Trojan-Banker.MSIL.ClipBanker.gen
Alibaba	TrojanBanker:MSIL/ClipBanker.aa8db844
Cynet	Malicious (score: 99)
Rising	Spyware.Merlynn!1.DFEE (CLASSIC)
Ad-Aware	Gen:Variant.Bulz.304051
Emsisoft	Gen:Variant.Bulz.304051 (B)
DrWeb	Trojan.ClipBankerNET.27
VIPRE	Gen:Variant.Bulz.304051
TrendMicro	TROJ_GEN.R002C0DHJ22
McAfee-GW-Edition	Artemis!Trojan
Ikarus	Trojan.MSIL.ClipBanker
Jiangmin	Trojan.Banker.MSIL.hay
Avira	HEUR/AGEN.1217213
Antiy-AVL	Trojan/Generic.ASMalwS.5499
Microsoft	Trojan:MSIL/ClipBanker.GA!MTB
GData	Gen:Variant.Bulz.304051
Google	Detected
AhnLab-V3	Trojan/Win.Generic.C4881163
VBA32	CIL.StupidStealth.Heur
ALYac	Gen:Variant.Bulz.304051
MAX	malware (ai score=88)
Cylance	Unsafe
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TROJ_GEN.R002C0DHJ22
Tencent	Msil.Trojan-Banker.Clipbanker.Majl
Yandex	Trojan.ClipBanker!gqApdDg3xeY
SentinelOne	Static AI – Suspicious PE
Fortinet	MSIL/ClipBanker.QB!tr
AVG	Win32:PWSX-gen [Trj]
Avast	Win32:PWSX-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Bulz.304051?

Bulz.304051 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X