Categories: Malware

Should I remove “Bulz.394889”?

The Bulz.394889 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Bulz.394889 virus can do?

Sample contains Overlay data
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Bulz.394889?


File Info:
name: 216A956B4218E179DF4E.mlwpath: /opt/CAPEv2/storage/binaries/ba1eb385dd763967e0e818b287763d58812b6369d4767aa96fce806773bf24c0crc32: 7F213F43md5: 216a956b4218e179df4e57d2459cd14bsha1: d35712b10d00891847b3ccc9c139851ebe544a4bsha256: ba1eb385dd763967e0e818b287763d58812b6369d4767aa96fce806773bf24c0sha512: 826559f0598f69bdc45f0b2fbcbc9c4814f39890e53cd52ff4c495f7eec93c7fb7750e3ff9dd3adb42e3d76b86d04d74375d354fe6f508bdcacf7177531d74e2ssdeep: 1536:SAf9qWr1v6WLJ75tGyilVPglWchHPhNZEuLypA:SAf93NGyilSUGpNZnLymtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T11933AE1175D68233C8824E3659B99B025B3B786057B196876BAC0B5FEF133F869363C3sha3_384: f4a77a7cc2366503307fee6392b7f3ca6cae2d7d1b025c4266edf9312900439b088f6f932141c20fecbc68eeee004e6bep_bytes: ff25a460000100000000000000000000timestamp: 2005-11-01 17:02:42
Version Info:
CompanyName: Microsoft CorporationFileDescription: MFC Managed Library - Retail VersionFileVersion: 8.00.50727.762InternalName: MFCM80.DLLLegalCopyright: © Microsoft Corporation.  All rights reserved.ProductName: Microsoft® Visual Studio® 2005OriginalFilename: MFCM80.DLLProductVersion: 8.00.50727.762Translation: 0x0409 0x04b0

Bulz.394889 also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.394889
FireEye	Generic.mg.216a956b4218e179
Skyhigh	Artemis!Trojan
McAfee	Artemis!216A956B4218
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Trojan.Win32.Agent.Vp6j
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	Gen:NN.ZemsilF.36802.dq1@aCOQY!fi
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
APEX	Malicious
TrendMicro-HouseCall	TROJ_GEN.R002H09A324
BitDefender	Gen:Variant.Bulz.394889
NANO-Antivirus	Trojan.Win32.TrjGen.decwr
VIPRE	Gen:Variant.Bulz.394889
Trapmine	malicious.moderate.ml.score
Emsisoft	Gen:Variant.Bulz.394889 (B)
Ikarus	Trojan.Dropper
GData	Gen:Variant.Bulz.394889
Jiangmin	Trojan/Jorik.crq
Google	Detected
Antiy-AVL	GrayWare/Win32.Wacapew.c
Kingsoft	malware.kb.c.1000
Arcabit	Trojan.Bulz.D60689
Microsoft	PWS:Win32/Zbot!ml
ALYac	Gen:Variant.Bulz.394889
MAX	malware (ai score=89)
Cylance	unsafe
Rising	Trojan.Agent!8.B1E (CLOUD)
Yandex	Trojan.GenAsa!sxnFeJAVaWI
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.147799316.susgen
Cybereason	malicious.b4218e
DeepInstinct	MALICIOUS