Malware

Bulz.342326 removal instruction

Malware Removal

The Bulz.342326 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Bulz.342326 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Sample contains Overlay data
  • Checks adapter addresses which can be used to detect virtual network interfaces
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP.
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

How to determine Bulz.342326?


File Info:

name: B686BD1B810A132D2387.mlw
path: /opt/CAPEv2/storage/binaries/f19b1fbedc6472972e6ff4fa8425af110af14b3702d8ad50ebe8c578be4f9d41
crc32: 13CF8956
md5: b686bd1b810a132d2387f0dd6370f3bb
sha1: 42b39156d45959f9c7c6fd02be0252272c2df6e3
sha256: f19b1fbedc6472972e6ff4fa8425af110af14b3702d8ad50ebe8c578be4f9d41
sha512: dfe579ea2122fe41e2afbcf5741aa0a79ed59d2f6ece195933f042029a9433e8ed25e3062a6c728904fb0274f8768a965e2afbb70a372a0085630db2f8ef3d7a
ssdeep: 768:bgJeckx/mNfBv10Dy3MHsGBptCq+B2oIYFjt6ZI:bgJecu60Dy3ABpwqb+AZI
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E5039427EF4C8826F6744AF20966D2FAA4E66C200451DD135489FE5A2F31603BDF923F
sha3_384: 57c2e6f34fdb312d730a9ac461735f59572f66cdeb02288e1b6cd07c64d56d86e9c3da606f39537b810394a453e36194
ep_bytes: 689c174000e8f0ffffff000000000000
timestamp: 2011-01-12 11:13:36

Version Info:

Translation: 0x0804 0x04b0
CompanyName: 三毛制作 QQ:510784518
ProductName: SendCountBag
FileVersion: 1.00
ProductVersion: 1.00
InternalName: sun01
OriginalFilename: sun01.exe

Bulz.342326 also known as:

MicroWorld-eScanGen:Variant.Bulz.342326
FireEyeGeneric.mg.b686bd1b810a132d
ALYacGen:Variant.Bulz.342326
CylanceUnsafe
ZillyaDownloader.Murlo.Win32.3779
Cybereasonmalicious.b810a1
VirITTrojan.Win32.VB.AOOZ
SymantecTrojan.Gen.2
Elasticmalicious (high confidence)
APEXMalicious
Paloaltogeneric.ml
ClamAVWin.Trojan.Murlo-51
KasperskyUDS:DangerousObject.Multi.Generic
BitDefenderGen:Variant.Bulz.342326
NANO-AntivirusTrojan.Win32.VP2.ejyrrj
AvastWin32:Trojan-gen
TencentWin32.Trojan-Downloader.Murlo.crde
Ad-AwareGen:Variant.Bulz.342326
EmsisoftGen:Variant.Bulz.342326 (B)
DrWebTrojan.DownLoader5.12603
VIPREGen:Variant.Bulz.342326
TrendMicroTROJ_DOWNLOADER_CD102E10.RDXN
McAfee-GW-EditionBehavesLike.Win32.Trojan.pt
SophosMal/Generic-S
SentinelOneStatic AI – Malicious PE
GDataGen:Variant.Bulz.342326
JiangminTrojanDownloader.Murlo.cru
WebrootW32.Malware.Gen
AviraTR/ATRAPS.Gen
Antiy-AVLTrojan/Generic.ASMalwS.20
ArcabitTrojan.Bulz.D53936
ViRobotTrojan.Win32.A.Downloader.40964.B
MicrosoftTrojan:Win32/Wacatac.B!ml
CynetMalicious (score: 99)
AhnLab-V3Downloader/Win32.Murlo.C87186
McAfeeArtemis!B686BD1B810A
MAXmalware (ai score=86)
VBA32Trojan.VBRA.05631
TrendMicro-HouseCallTROJ_DOWNLOADER_CD102E10.RDXN
RisingTrojan.Win32.Generic.127CE8F8 (C64:YzY0Oj14LlU5QVC0)
YandexTrojan.GenAsa!gX2w0xaa96I
IkarusTrojan-Downloader.Win32.Murlo
MaxSecureTrojan.W32.Multi.Generic
FortinetW32/Murlo.KLU!tr.dldr
BitDefenderThetaAI:Packer.1196914520
AVGWin32:Trojan-gen
PandaGeneric Malware
CrowdStrikewin/malicious_confidence_60% (D)

How to remove Bulz.342326?

Bulz.342326 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment