About “Bulz.388086” infection

Bulz.388086 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.388086 virus do?

  • Executable code extraction
  • Compression (or decompression)
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Starts servers listening on 127.0.0.1:19860
  • Unconventional language used in binary resources: Spanish (Colombia)
  • The binary likely contains encrypted or compressed data.
  • Deletes its original binary from disk
  • Steals private information from local Internet browsers
  • Collects information about installed applications
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to determine Bulz.388086?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Bulz.388086 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Bulz.388086
FireEye: Generic.mg.921658873d6408b7
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0056f9be1 )
BitDefender: Gen:Variant.Bulz.388086
K7GW: Trojan ( 0056f9be1 )
Cyren: W32/Kryptik.DOJ.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Rising: Malware.Heuristic!ET#87% (RDMK:cmRtazpIA/eOEDiSCSeZmiXH+hSA)
Ad-Aware: Gen:Variant.Bulz.388086
Emsisoft: Gen:Variant.Bulz.388086 (B)
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Sophos: ML/PE-A
Ikarus: Trojan-Banker.UrSnif
Microsoft: Trojan:Win32/Glupteba!ml
GData: Gen:Variant.Bulz.388086
Cynet: Malicious (score: 100)
McAfee: Packed-GDK!921658873D64
MAX: malware (ai score=85)
Malwarebytes: Malware.AI.2398949046
SentinelOne: Static AI – Malicious PE
BitDefenderTheta: Gen:NN.ZexaF.34608.@xW@aesgWcS

How to remove Bulz.388086?

Bulz.388086 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
