About “Bulz.535425” infection

Bulz.535425 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.535425 virus do?

  • Presents an Authenticode digital signature
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

How to identify Bulz.535425?


File Info:

crc32: 550B7661
md5: 615b2c5305f7dfcfc9388c3ceffe9b04
name: 615B2C5305F7DFCFC9388C3CEFFE9B04.mlw
sha1: 2b3451cf532027f897e5b37e5f8656e980b92631
sha256: 3fef52a5448b6040204fcca96759e4665f4e5b54a12b31bd3a2678285ebc0fe1
sha512: c8e3786c10b2f90beb1478b789a38b0c4277894f77b16261306050377f40af7608ecff9f82dccc7f2d627121bd5af35f018146319b89d41e806a9fa9a7e96e31
ssdeep: 12288:Iu8xZVPwwm72dxTTgnkRdSrSBcQFAeMTeFeYnghAHM:Iu8xZ5wR72dxTcagrSFFBOeFebUM
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyleft 1998-2017 by Don HO
Assembly Version: 8.1.0.0
InternalName: nnpeire.exe
FileVersion: 8.1.0.0
CompanyName: Don HO don.h@free.fr
LegalTrademarks:
Comments: Notepad++ : a free (GNU) source code editor
ProductName: Notepad++
ProductVersion: 8.1.0.0
FileDescription: Notepad++ : a free (GNU) source code editor
OriginalFilename: nnpeire.exe

Bulz.535425 also known as:

K7AntiVirus: Trojan ( 005748241 )
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Bulz.535425
Cylance: Unsafe
Sangfor: Backdoor.MSIL.NanoBot.gen
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Backdoor:MSIL/NanoBot.bcfe3930
K7GW: Trojan ( 005748241 )
Cybereason: malicious.f53202
Cyren: W32/MSIL_Kryptik.CWI.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.ABPD
APEX: Malicious
Avast: Win32:CrypterX-gen [Trj]
Kaspersky: HEUR:Backdoor.MSIL.NanoBot.gen
BitDefender: Gen:Variant.Bulz.535425
MicroWorld-eScan: Gen:Variant.Bulz.535425
Tencent: Msil.Backdoor.Nanobot.Wlzf
Ad-Aware: Gen:Variant.Bulz.535425
Sophos: Mal/Generic-S
VIPRE: Trojan.Win32.Generic.pak!cobra
TrendMicro: TROJ_GEN.R002C0PG121
McAfee-GW-Edition: PWS-FCZZ!615B2C5305F7
FireEye: Generic.mg.615b2c5305f7dfcf
Emsisoft: Gen:Variant.Bulz.535425 (B)
SentinelOne: Static AI – Malicious PE
Avira: TR/Kryptik.zirzo
eGambit: PE.Heur.InvalidSig
Microsoft: Trojan:Win32/AgentTesla!ml
AegisLab: Trojan.MSIL.NanoBot.m!c
ZoneAlarm: HEUR:Backdoor.MSIL.NanoBot.gen
GData: Gen:Variant.Bulz.535425
AhnLab-V3: Trojan/Win.Generic.C4537372
McAfee: PWS-FCZZ!615B2C5305F7
MAX: malware (ai score=84)
Malwarebytes: Backdoor.NanoCore
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R002C0PG121
Ikarus: Trojan.Inject
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Kryptik.ABRJ!tr
AVG: Win32:CrypterX-gen [Trj]
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.Kryptik.HgIASXkA

How to remove Bulz.535425?

Bulz.535425 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
