What is “Bulz.422326”?

The Bulz.422326 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.422326 virus can do?

Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Bulz.422326?


File Info:
name: 4F4FBABDF94D0A967FE1.mlw
path: /opt/CAPEv2/storage/binaries/6d74d6c3e1a4b646c49a10a8dc5c82869c000ecefa72784a7c9c02c29edf89f1
crc32: 9E02EE73
md5: 4f4fbabdf94d0a967fe111741498067e
sha1: 3afc6d7fd1244ae864dd2d26c87a20c7c276e165
sha256: 6d74d6c3e1a4b646c49a10a8dc5c82869c000ecefa72784a7c9c02c29edf89f1
sha512: d1676abd9840134f686f599c5814d0868e51877e2478b5a4db588450e2b1ae37bc3821117b59e03b0eee5d0bdb7467e2b9bc42c28ee70bf040d3c59b912fa4bf
ssdeep: 96:0OGCnASO7Bq6uh/K7oEQOCxqBdNrkctNKt9wur0a:0M6uNwXCxgdN4c7KrwM
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T19FC14410A3F8426AE1FB0BBA54BB4341A3B6B8339F36C7CE15C5524C9C117428B63B76
sha3_384: 32685562f21b9716917cd5b108e5d8d1623d7ad0749d247fcc5f1a221db84dde33cbda5ad17d6ed6a76e1ac717151ad0
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-02-15 16:10:01

Version Info:
Translation: 0x007f 0x04b0
Comments:  
CompanyName:  
FileDescription:  
FileVersion: 0.0.0.0
InternalName: Desktop.exe
LegalCopyright:  
LegalTrademarks:  
OriginalFilename: Desktop.exe
ProductName:  
ProductVersion:

Bulz.422326 also known as:

Lionic	Trojan.Win32.Agent.a!c
Elastic	malicious (high confidence)
Cynet	Malicious (score: 99)
FireEye	Gen:Variant.Bulz.422326
McAfee	Artemis!4F4FBABDF94D
Cylance	Unsafe
VIPRE	Gen:Variant.Bulz.422326
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	TrojanDownloader:Win32/MalwareX.1bb0956e
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
Kaspersky	Trojan-Downloader.Win32.Agent.xxzprp
BitDefender	Gen:Variant.Bulz.422326
MicroWorld-eScan	Gen:Variant.Bulz.422326
Avast	Win32:MalwareX-gen [Trj]
Tencent	Win32.Trojan-Downloader.Agent.Ekjl
Ad-Aware	Gen:Variant.Bulz.422326
Emsisoft	Gen:Variant.Bulz.422326 (B)
Zillya	Downloader.Agent.Win32.444767
McAfee-GW-Edition	Artemis!Trojan
Ikarus	Trojan-Downloader.Agent
GData	Gen:Variant.Bulz.422326
Avira	TR/Dldr.Agent.rgweg
MAX	malware (ai score=80)
Antiy-AVL	Trojan/Generic.ASMalwS.13
Arcabit	Trojan.Bulz.D671B6
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Trojan/Win.Generic.C4534063
ALYac	Gen:Variant.Bulz.422326
Rising	Trojan.Generic/MSIL@AI.100 (RDM.MSIL:j0Ip0dl/X74+xvLhvxAVhg)
Yandex	Trojan.DL.Agent!Zu6cvjaid6w
MaxSecure	Trojan.Malware.7520.susgen
Fortinet	W32/Agent.XXZPRP!tr.dldr
AVG	Win32:MalwareX-gen [Trj]

How to remove Bulz.422326?

Bulz.422326 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X