Categories: Malware

About “Bulz.360921” infection

The Bulz.360921 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Bulz.360921 virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Turkish
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Bulz.360921?


File Info:
name: A0CB07194448B9458B9A.mlwpath: /opt/CAPEv2/storage/binaries/265ef1bd2021961dbf4c00b06bf23bdad267c9600af22cc9a7f3674dabbd3d98crc32: 0AEFF102md5: a0cb07194448b9458b9a7d0b650e3368sha1: bb14b078b7dbb791f0ef423504218feae7d148efsha256: 265ef1bd2021961dbf4c00b06bf23bdad267c9600af22cc9a7f3674dabbd3d98sha512: b5e2deb4d75ada188e56f64b3c0561f66fbad2c949a635660fc6fa8a8ecb5c79e2eb5968af6231e8d68da255ff854a3d5f96a3dc6fe814c90aaf6ede312e54adssdeep: 24576:4nsJ39Lyjayw1ez54lIYF5SXYHp9CIXW/8yw1ez54lIYF5SXYH2:4nsHyjabC4lIlMD9bC4lIlltype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T18F65BF22F2D340B3E5622074587A97725939BE311B369AC7BBE03D3D5E352C06A3935Bsha3_384: 89ca7ddc64f6efd7968245743924385691d80c64a9bb755ff79641eb4c4c298b9b1d1ba095f3374f6dd57a515959e0fdep_bytes: 10101010101010101010101010101010timestamp: 1992-06-19 22:22:17
Version Info:
CompanyName: SynapticsFileDescription: 易语言程序FileVersion: 1.0.0.0InternalName: LegalCopyright: 作者版权所有 请尊重并使用正版LegalTrademarks: OriginalFilename: ProductName: 易语言程序ProductVersion: 1.0.0.0Comments: 本程序使用易语言编写(http://www.eyuyan.com)Translation: 0x0804 0x04b0

Bulz.360921 also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
DrWeb	Trojan.MulDrop9.5793
MicroWorld-eScan	Gen:Variant.Bulz.360921
FireEye	Generic.mg.a0cb07194448b945
CAT-QuickHeal	Trojan.HesvRI.S21236049
McAfee	Artemis!A0CB07194448
Cylance	Unsafe
K7AntiVirus	Trojan ( 7000000f1 )
K7GW	Trojan ( 7000000f1 )
Cybereason	malicious.94448b
BitDefenderTheta	Gen:NN.ZelphiF.34294.yH0@aOBS61bH
Cyren	W32/Trojan.XKGZ-9378
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	multiple detections
TrendMicro-HouseCall	Mal_OtorunP
ClamAV	Win.Trojan.Emotet-9850453-0
Kaspersky	Trojan-Spy.Win32.AutoIt.p
BitDefender	Gen:Variant.Bulz.360921
NANO-Antivirus	Trojan.Win32.Optix.fbquhj
Avast	AutoIt:Agent-DG [Trj]
Tencent	Trojan.Win32.Autoit.b
Ad-Aware	Gen:Variant.Bulz.360921
Emsisoft	Gen:Variant.Bulz.360921 (B)
Comodo	TrojWare.Win32.FraudPack.P@2ysxyk
F-Secure	Trojan:W97M/MaliciousMacro.GEN
Baidu	Win32.Trojan.Agent.acd
TrendMicro	Mal_OtorunP
McAfee-GW-Edition	Generic.tj
Sophos	Generic ML PUA (PUA)
Ikarus	JS.Trojan-Downloader.Agent
GData	Win32.Application.PUPStudio.A
Jiangmin	Win32/Synaptics.Gen
Avira	TR/AD.Milum.qebhh
Antiy-AVL	Trojan/Win32.Autoit
Arcabit	HEUR.VBA.Trojan.d
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Win32/Zorex.X1799
VBA32	Trojan.Hesv
ALYac	Gen:Variant.Bulz.360921
MAX	malware (ai score=88)
Malwarebytes	Trojan.Agent
APEX	Malicious
Rising	Malware.Heuristic!ET#94% (RDMK:cmRtazrwA4b998TsX3cAzc8nFvg1)
Yandex	Trojan.GenAsa!uaqukc/qOXI
SentinelOne	Static AI – Suspicious PE
eGambit	Unsafe.AI_Score_100%
Fortinet	VBA/Agent.IGI!tr.dldr
AVG	AutoIt:Agent-DG [Trj]
CrowdStrike	win/malicious_confidence_80% (W)
MaxSecure	Dropper.Dinwod.frindll