Bulz.392358 (B) (file analysis)

Bulz.392358 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Bulz.392358 (B) virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Bulz.392358 (B)?

File Info:

name: BF8039D13EA66B0FCC28.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2020-02-09 16:56:57

Version Info:

Translation: 0x0000 0x04b0
FileDescription: WindowsFormsApplication1
FileVersion: 1.0.0.0
InternalName: WindowsFormsApplication1.exe
LegalCopyright: Copyright © 2020
OriginalFilename: WindowsFormsApplication1.exe
ProductName: WindowsFormsApplication1
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Bulz.392358 (B) also known as:

Elastic            malicious (high confidence)
MicroWorld-eScan   Gen:Variant.Bulz.392358
FireEye            Generic.mg.bf8039d13ea66b0f
ALYac              Gen:Variant.Bulz.392358
Cylance            Unsafe
VIPRE              Trojan.Win32.Generic!BT
K7AntiVirus        Trojan ( 0050e43a1 )
BitDefender        Gen:Variant.Bulz.392358
K7GW               Trojan ( 0050e43a1 )
CrowdStrike        win/malicious_confidence_100% (W)
Arcabit            Trojan.Bulz.D5FCA6
BitDefenderTheta   Gen:NN.ZemsilF.34182.im0@aioFnai
Symantec           ML.Attribute.HighConfidence
ESET-NOD32         a variant of MSIL/Kryptik.JFB
Paloalto           generic.ml
Kaspersky          HEUR:Backdoor.MSIL.Crysan.gen
Alibaba            Backdoor:MSIL/Crysan.d367d879
NANO-Antivirus     Trojan.Win32.Kryptik.hatvdm
Rising             Trojan.Generic/MSIL@AI.100 (RDM.MSIL:L3ny+Bct0cLyo0OzW+ovPw)
Ad-Aware           Gen:Variant.Bulz.392358
Emsisoft           Gen:Variant.Bulz.392358 (B)
Comodo             Malware@#v2ylzfnowmxu
F-Secure           Heuristic.HEUR/AGEN.1138981
DrWeb              Trojan.MulDrop11.40334
Zillya             Trojan.Kryptik.Win32.1942029
McAfee-GW-Edition  Artemis!Trojan
SentinelOne        Static AI – Malicious PE
Sophos             Mal/Generic-S
APEX               Malicious
Webroot            W32.Trojan.Gen
Avira              HEUR/AGEN.1138981
Antiy-AVL          Trojan[Backdoor]/MSIL.Crysan
Kingsoft           Win32.Troj.Generic_a.a.(kcloud)
Microsoft          Backdoor:Win32/Bladabindi!ml
ZoneAlarm          HEUR:Backdoor.MSIL.Crysan.gen
GData              Gen:Variant.Bulz.392358
Cynet              Malicious (score: 99)
AhnLab-V3          Malware/Win32.RL_Generic.C3651220
McAfee             Artemis!BF8039D13EA6
MAX                malware (ai score=89)
VBA32              TScope.Trojan.MSIL
Malwarebytes       Trojan.Crypt.MSIL
Panda              Trj/GdSda.A
Tencent            Msil.Backdoor.Crysan.Pjdg
Yandex             Trojan.Kryptik!JMMJ00NDEok
Ikarus             Trojan.MSIL.CryptoObfuscator
MaxSecure          Trojan.Malware.300983.susgen
Fortinet           MSIL/Kryptik.JFB!tr
AVG                Win32:TrojanX-gen [Trj]
Cybereason         malicious.13ea66
Avast              Win32:TrojanX-gen [Trj]

How to remove Bulz.392358 (B)?

Bulz.392358 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
