How to remove “Bulz.418135”?

The Bulz.418135 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.418135 virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Bulz.418135?


File Info:
name: 4DA3EE2E5907ADC20BB8.mlw
path: /opt/CAPEv2/storage/binaries/db038568c5cc91f6d67cfe822b94e699a648b516a96245d4bfe04db4f6247bcd
crc32: 3A184926
md5: 4da3ee2e5907adc20bb858c922960841
sha1: b22f8d597414281810a3a8d797842fd069b0f6eb
sha256: db038568c5cc91f6d67cfe822b94e699a648b516a96245d4bfe04db4f6247bcd
sha512: a16baf4dc7c6d2c7616b81d16219be568a8c141642c8f4717833ad81a757743c844ea0bc6b0bb9a483bc5c9474f82c019fb9dd899e560941095cccb5d19d11dd
ssdeep: 192:XtkMfyB+uI0uezaohkt/0G87VabnlYJLn8rGLTUgbmaItxW13v15ynKiN7MWu:Xtk0yqXsGK4IorGLTU2Ctxofv0MW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T145322C1133E48172DABE0F731CB3AA11573BFF8A9D13EB6F1845A1560972B448672B72
sha3_384: 4391a0d7209641eef101c4f5856a1c0b71dbe03636d3460730aca90af1f02a8e444a45be1e3f14d96eb71a4e614ec2f3
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-03-27 17:07:15

Version Info:
Translation: 0x0000 0x04b0
Comments: Shell Infrastructure Host
FileDescription: Shell Infrastructure Host
FileVersion: 10.0.19041.746
InternalName: sm-set.exe-watchdog.exe
LegalCopyright: © Microsoft Corporation. All Rights Reserved.
OriginalFilename: sm-set.exe-watchdog.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.746
Assembly Version: 0.0.0.0

Bulz.418135 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.418135
McAfee	GenericRXOE-TV!4DA3EE2E5907
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 700000121 )
Alibaba	Trojan:MSIL/CoinMiner.a53ead09
K7GW	Trojan ( 700000121 )
Cyren	W32/Azorult.D.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/CoinMiner.BIP
APEX	Malicious
Avast	Win32:DropperX-gen [Drp]
ClamAV	Win.Packed.Tiny-9870445-0
Kaspersky	HEUR:Trojan.MSIL.Miner.gen
BitDefender	Gen:Variant.Bulz.418135
Tencent	Msil.Trojan.Miner.Pgnb
Sophos	Mal/Generic-S
TrendMicro	TROJ_GEN.R002C0DB422
McAfee-GW-Edition	GenericRXOE-TV!4DA3EE2E5907
FireEye	Generic.mg.4da3ee2e5907adc2
Emsisoft	Gen:Variant.Bulz.418135 (B)
MAX	malware (ai score=82)
Microsoft	Trojan:Win64/CoinMiner.GA!MTB
ZoneAlarm	HEUR:Trojan.MSIL.Miner.gen
GData	Gen:Variant.Bulz.418135
AhnLab-V3	Malware/Win.Reputation.C4396266
ALYac	Gen:Variant.Bulz.418135
TrendMicro-HouseCall	TROJ_GEN.R002C0DB422
SentinelOne	Static AI – Malicious PE
Fortinet	MSIL/Tiny.FC!tr
BitDefenderTheta	Gen:NN.ZemsilF.34182.am0@aKkxYX
AVG	Win32:DropperX-gen [Drp]
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Bulz.418135?

Bulz.418135 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X