Malware

Bulz.541876 malicious file

Malware Removal

The Bulz.541876 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Bulz.541876 virus can do?

  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Bulz.541876?



File Info:

name: 0A57611734C75AFA7AF8.mlw
path: /opt/CAPEv2/storage/binaries/92e988f9225f451977d08c1670e2633703b3490e318af67f08a4f56582a3a2f0
crc32: 0B9453B6
md5: 0a57611734c75afa7af824a0c72578d0
sha1: bada682f14e1702bc503466b05b0fe13885c807b
sha256: 92e988f9225f451977d08c1670e2633703b3490e318af67f08a4f56582a3a2f0
sha512: c4a763d25dead40e2086a53d0b6584486f9e8a076206497c0cb16dbe0b66efa62fb1f47312b12ae9656e00b1c8664062e2b5568dc403cc4e1dac9fb670deffd2
ssdeep: 49152:ZFzR3lFxaRPq1mfhnFnxSC5GmcquPbTltK:Zr+GmclK
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1E095B60273F81B9DF2F38B789576A6158876BC2DDB11D7EE2264400D1E22BD08975B3B
sha3_384: 5c603764530da74590294c71c5507c9fd29590a5fe379dbb4224e37b7b8c700c46e37c99d0b1398f4d020430989ba663
ep_bytes: ff250020400000000000000000000000
timestamp: 2019-03-02 06:27:37


Version Info:

CompanyName: Microsoft Corporation
FileDescription: Microsoft .NET Services Installation Utility
FileVersion: 4.8.3752.0 built by: NET48REL1
InternalName: RegSvcs.exe
LegalCopyright: © Microsoft Corporation.  All rights reserved.
OriginalFilename: RegSvcs.exe
ProductName: Microsoft® .NET Framework
ProductVersion: 4.8.3752.0
Comments: Flavor=Retail
PrivateBuild: DDBLD433
Translation: 0x0409 0x04b0

Bulz.541876 also known as:

LionicTrojan.Win32.Bulz.4!c
MicroWorld-eScanGen:Variant.Bulz.541876
FireEyeGen:Variant.Bulz.541876
ALYacGen:Variant.Bulz.541876
CylanceUnsafe
SangforTrojan.Win32.Sabsik.FL
SymantecML.Attribute.HighConfidence
APEXMalicious
BitDefenderGen:Variant.Bulz.541876
EmsisoftGen:Variant.Bulz.541876 (B)
McAfee-GW-EditionBehavesLike.Win32.Generic.th
SophosGeneric ML PUA (PUA)
SentinelOneStatic AI – Malicious PE
MicrosoftProgram:Win32/Uwamson.A!ml
GDataGen:Variant.Bulz.541876
CynetMalicious (score: 100)
McAfeeArtemis!0A57611734C7
MAXmalware (ai score=89)
FortinetPossibleThreat.PALLASNET.H
CrowdStrikewin/malicious_confidence_70% (W)

How to remove Bulz.541876?

Bulz.541876 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment