Bulz.329078 (file analysis)

Bulz.329078 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.329078 virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process created a hidden window
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz
i.imgur.com

How to identify Bulz.329078?


File Info:

crc32: F637D99C
md5: 66ed23bd34cf4c1f991e09e29cbe6bef
name: 66ED23BD34CF4C1F991E09E29CBE6BEF.mlw
sha1: 8e039085f24404f5039a87326cb0d9bf8f47998b
sha256: c591421086e2c58b53db6022fb13c4fc84d493ccafba72b596c3bafa959e1af0
sha512: a61939a4c7681a4f7b8e1871725ed8ca0ce04364c4802b28d353d4ed1d36b4215319201b7c949b9d7dab81e6fbc2d655cb685eb42dcf498038f0dc3cc8374fe7
ssdeep: 49152:D8X+3jWsfKeqRJoSsAAuxQueERPjPIyl0GBr4zqlGgmfXSxUPYV3WXTQ1V:lzO8fERrPIygzq5mfXqUPYF
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows

Version Info:

FileVersion: 10.1.19041.1
CompanyName: Application
LegalTrademarks: Windows Operating System
ProductName: Registor Editor
ProductVersion: 10.1.19041.1
FileDescription: Registor Editor
OriginalFilename: reg.exe
Translation: 0x0409 0x04e4

Bulz.329078 also known as:

MicroWorld-eScan: Gen:Variant.Bulz.329078
BitDefender: Gen:Variant.Bulz.329078
APEX: Malicious
Ad-Aware: Gen:Variant.Bulz.329078
Emsisoft: Gen:Variant.Bulz.329078 (B)
DrWeb: BackDoor.Rat.281
FireEye: Gen:Variant.Bulz.329078
Microsoft: Trojan:Win32/Wacatac.B!ml
Arcabit: Trojan.Bulz.D50576
GData: Gen:Variant.Bulz.329078
ALYac: Gen:Variant.Bulz.329078
MAX: malware (ai score=86)
Ikarus: Trojan.NsisInject

How to remove Bulz.329078?

Bulz.329078 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.