Bulz.473050 removal instructions

Bulz.473050 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.473050 virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Bulz.473050?


File Info:

name: D95DCFF6F6DCC2115616.mlw
path: /opt/CAPEv2/storage/binaries/a4c6b0b4317aa73e0a6d77b5e9179635ff55c87e8c5a85b89d02a5e441e80254
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2043-10-27 18:30:19

Version Info:

Translation: 0x0409 0x04b0
Comments:
CompanyName: Microsoft Corporation
FileDescription: Print Dialog
FileVersion: 10.0.19041.746 (WinBuild.160101.0800)
InternalName: PrintDialog
LegalCopyright: © Microsoft Corporation. All rights reserved.
LegalTrademarks:
OriginalFilename: PrintDialog.dll
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.746
Assembly Version: 1.0.9.0

Bulz.473050 is also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.MSIL.Reline.i!c
MicroWorld-eScan: Gen:Variant.Bulz.473050
Skyhigh: Artemis!Trojan
McAfee: Artemis!D95DCFF6F6DC
Cylance: unsafe
Zillya: Trojan.Reline.Win32.639
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Spyware ( 0057a2c81 )
Alibaba: TrojanPSW:MSIL/Reline.1f41f19d
K7GW: Spyware ( 0057a2c81 )
Cybereason: malicious.aa5bdb
Arcabit: Trojan.Bulz.D737DA
BitDefenderTheta: Gen:NN.ZemsilF.36680.1q1@a8QbSAli
VirIT: Trojan.Win32.MSIL_Heur.A
Symantec: ML.Attribute.HighConfidence
Elastic: Windows.Trojan.RedLineStealer
ESET-NOD32: a variant of MSIL/Spy.RedLine.B
Cynet: Malicious (score: 99)
APEX: Malicious
Kaspersky: HEUR:Trojan-PSW.MSIL.Reline.gen
BitDefender: Gen:Variant.Bulz.473050
Avast: Win32:SpywareX-gen [Trj]
Rising: Spyware.Agent!8.C6 (C64:YzY0Og3iAB7pnHIvzA)
Emsisoft: Gen:Variant.Bulz.473050 (B)
F-Secure: Heuristic.HEUR/AGEN.1327336
VIPRE: Gen:Variant.Bulz.473050
Sophos: Mal/Reline-B
Ikarus: Trojan.Win32.Generic
Varist: W32/MSIL_Kryptik.EFT.gen!Eldorado
Avira: HEUR/AGEN.1327336
Antiy-AVL: Trojan[Spy]/MSIL.RedLine
Microsoft: Trojan:MSIL/Reline.V!MTB
ZoneAlarm: HEUR:Trojan-PSW.MSIL.Reline.gen
GData: MSIL.Trojan-Stealer.Redline.B
Google: Detected
AhnLab-V3: Malware/Win.Generic.R422237
VBA32: Trojan.MSIL.RedLine.Heur
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/GdSda.A
Tencent: Win32.Trojan.FalseSign.Gflw
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.95853585.susgen
Fortinet: MSIL/Agent.DFY!tr.spy
AVG: Win32:SpywareX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Bulz.473050?

Bulz.473050 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.