Malware

Bulz.462008 information

Malware Removal

The Bulz.462008 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Bulz.462008 virus can do?

  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to determine Bulz.462008?



File Info:

name: 55271DBA3A1BAC924B52.mlw
path: /opt/CAPEv2/storage/binaries/871ca259847d9ca2635ed523c5c38d73108cc910122884fcc09e7eefb86c82a0
crc32: 34FFF19C
md5: 55271dba3a1bac924b52edf9e36ee94a
sha1: 63e737e581976144fd7047b0b8d5fba9362cc406
sha256: 871ca259847d9ca2635ed523c5c38d73108cc910122884fcc09e7eefb86c82a0
sha512: dfab0778b2a2601a4f1660942df5ea853c4e7aa819eeaec469d8aafe25353573c591cfc66d69925a8fdd4fd486356a53a722f4ad02e79ea9e394f1c47057e1da
ssdeep: 12288:jYM8cd4++YLTicA+wdxFUxVhzK91V850:jYMJhLCxd8xKX/
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T1019438D73FC8D406F6644974547BC3B18973FCB1A4328666A1BC255BAF0B3ADD90234A
sha3_384: 3d297c71416ceed659fbd90d64d023c86866ac399b8ca2d6991eabdd623411b09a0bc3c48c9c7dbb9e4b54632fea3b89
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2058-06-26 10:07:39


Version Info:

Translation: 0x0000 0x04b0
Comments: Jeśli tu patrzysz to życzymy Ci miłego dnia, a jeśli uda Ci się zdeobfuscować GayPacka to prosimy go nie udostępniać publicznie :D
CompanyName: GayPack
FileDescription: GayPack
FileVersion: 1.0.4
InternalName: GayPack.exe
LegalCopyright: Copyright bremu45 © 2021
LegalTrademarks: 
OriginalFilename: GayPack.exe
ProductName: GayPack
ProductVersion: 1.0.4
Assembly Version: 1.0.4.0

Bulz.462008 also known as:

LionicTrojan.Win32.Bulz.4!c
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Bulz.462008
FireEyeGeneric.mg.55271dba3a1bac92
McAfeeArtemis!55271DBA3A1B
CylanceUnsafe
K7AntiVirusTrojan ( 00574e2d1 )
CrowdStrikewin/malicious_confidence_80% (W)
SymantecTrojan.Gen.MBT
ESET-NOD32a variant of MSIL/Packed.VMProtect.C suspicious
TrendMicro-HouseCallTROJ_GEN.R002H09L721
Paloaltogeneric.ml
BitDefenderGen:Variant.Bulz.462008
Ad-AwareGen:Variant.Bulz.462008
SophosMal/VMProtBad-A
McAfee-GW-EditionArtemis!Trojan
EmsisoftGen:Variant.Bulz.462008 (B)
IkarusTrojan.MSIL.Vmprotect
GDataGen:Variant.Bulz.462008
AviraHEUR/AGEN.1144296
MAXmalware (ai score=86)
GridinsoftRansom.Win64.Sabsik.sa
APEXMalicious
MicrosoftTrojan:Win32/Wacatac.B!ml
CynetMalicious (score: 100)
ALYacGen:Variant.Bulz.462008
SentinelOneStatic AI – Malicious PE
FortinetRiskware/Application
WebrootW32.Trojan.FL
Cybereasonmalicious.581976

How to remove Bulz.462008?

Bulz.462008 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment