What is “Bulz.540080”?

The Bulz.540080 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.540080 virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Bulz.540080?


File Info:
name: 8AAB7C70585BE2C35BC3.mlw
path: /opt/CAPEv2/storage/binaries/85f34542f5ec1dba09093dd3299fda6d24850392f71949167bf8a0189da78ac8
crc32: 2FE8F23A
md5: 8aab7c70585be2c35bc360d3655c1330
sha1: e4d303390ae0b9ee2ccc5fa91783d69e207625e4
sha256: 85f34542f5ec1dba09093dd3299fda6d24850392f71949167bf8a0189da78ac8
sha512: b2df7e150963d4f6a09d1494d52ec9817e8bcc29540f6567e626de635e122ebc5fa8dd12ab8fb75c272d8e4874a1b3102d4d02049902867fd6e817d0bf649913
ssdeep: 48:6d18lJtPFXwXy2+1biANgr7PmNM34Dn2Gj/eVsOXI94UswqOPulC0mRtI:jgXy24bY534yK/eVVI94zU0mR
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1ADB1B447ABD8255AE0A707750EB307661370F4506B37DB6F6BF0820ABC766906A167A0
sha3_384: a5db79916d504cc1eb88203fe428bc536ffa3cb1cb2f62254f7d5ee45548815a097af56111e081571170d0e4427211c1
ep_bytes: ff250020400000000000000000000000
timestamp: 1970-01-01 00:00:00

Version Info:
Translation: 0x007f 0x04b0
Comments:  
CompanyName:  
FileDescription:  
FileVersion: 0.0.0.0
InternalName: rev
LegalCopyright:  
LegalTrademarks:  
OriginalFilename: rev.exe
ProductName:  
ProductVersion:

Bulz.540080 also known as:

Cynet	Malicious (score: 100)
FireEye	Generic.mg.8aab7c70585be2c3
Malwarebytes	Trojan.Injector
VIPRE	Gen:Variant.Bulz.540080
Cybereason	malicious.0585be
Cyren	W32/MSIL_Agent.AS.gen!Eldorado
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Rozena.EI
APEX	Malicious
BitDefender	Gen:Variant.Bulz.540080
MicroWorld-eScan	Gen:Variant.Bulz.540080
Avast	Win32:Trojan-gen
Ad-Aware	Gen:Variant.Bulz.540080
Emsisoft	Gen:Variant.Bulz.540080 (B)
Trapmine	malicious.moderate.ml.score
Sophos	ML/PE-A
GData	Gen:Variant.Bulz.540080
Avira	TR/Rozena.Gen
Arcabit	Trojan.Bulz.D83DB0
Microsoft	Trojan:Win32/Sabsik.TE.A!ml
Google	Detected
AhnLab-V3	Trojan/Win.Generic.C5201859
Acronis	suspicious
ALYac	Gen:Variant.Bulz.540080
MAX	malware (ai score=87)
Rising	Trojan.Generic/MSIL@AI.97 (RDM.MSIL:A6hqCPsAuXWQPtbP9tKriQ)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Rozena.T!tr
BitDefenderTheta	Gen:NN.ZemsilF.34592.aq0@aOtwW!j
AVG	Win32:Trojan-gen

How to remove Bulz.540080?

Bulz.540080 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X