Malware

Bulz.550464 information

Malware Removal

The Bulz.550464 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Bulz.550464 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Expresses interest in specific running processes
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to determine Bulz.550464?



File Info:

name: CB50803921F6AF75FD68.mlw
path: /opt/CAPEv2/storage/binaries/0ebc9d9e6acc9013b103f449a3f00648fbff8c669b2136419a3e0278e0af94c0
crc32: F9990B83
md5: cb50803921f6af75fd683761adf1fe04
sha1: 489018cf6f2f71095d533d47a6f2e66319d18ee3
sha256: 0ebc9d9e6acc9013b103f449a3f00648fbff8c669b2136419a3e0278e0af94c0
sha512: 8a832be2bb88ebd2e11f587a8049550899109d3bbfb0613671dd31437dc3c724342d62bf1c07468551bb753233763e4074e23122464841acddffa943323934d6
ssdeep: 12288:hDbTo/Fm+PQuegqxU/wVxGQ//JQ3HDoG6Rub/15zX:hDvo/Fm+SgqS/wVxGY/CDtzz
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T194D4E053E19C8886DCEA123AFE2298A63D34BD6A7134910F11917F1EF572F10D5E2B27
sha3_384: 289dba123e560f7b800f33d50bc41f8c5400293f0d34c44e8cd695fc0dfdb0e2d1ccf20b5179749b5cbbd6d404d63122
ep_bytes: 558bec6aff6808b3460068ea99460064
timestamp: 2021-06-30 11:45:37


Version Info:

CompanyName: SWE Sven Ritter
FileDescription: SpeedEdit
FileVersion: 19.10.9900
LegalCopyright: Copyright © 1993-2020 Sven Ritter. Alle Rechte vorbehalten.
OriginalFilename: SpeedEdit.exe
ProductName: SpeedCommander
ProductVersion: 19.10
Translation: 0x0407 0x04b0

Bulz.550464 also known as:

BkavW32.AIDetect.malware1
LionicTrojan.Win32.Staser.4!c
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Bulz.550464
FireEyeGeneric.mg.cb50803921f6af75
McAfeeGenericRXPD-HK!CB50803921F6
MalwarebytesAdware.DownloadAssistant
SangforTrojan.Win32.Staser.gen
CrowdStrikewin/malicious_confidence_70% (W)
AlibabaTrojan:Win32/Staser.ec5bc4e7
K7GWTrojan ( 005825821 )
K7AntiVirusTrojan ( 005825821 )
BitDefenderThetaGen:NN.ZexaF.34212.My0@aOXzNOFi
CyrenW32/Kryptik.ELX.gen!Eldorado
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Kryptik.HLMN
TrendMicro-HouseCallTROJ_GEN.R002C0PB222
Paloaltogeneric.ml
KasperskyHEUR:Trojan.Win32.Staser.gen
BitDefenderGen:Variant.Bulz.550464
SUPERAntiSpywareTrojan.Agent/Gen-Kryptik
AvastWin32:CrypterX-gen [Trj]
TencentWin32.Trojan.Staser.Szky
Ad-AwareGen:Variant.Bulz.550464
SophosMal/Generic-S
TrendMicroTROJ_GEN.R002C0PB222
McAfee-GW-EditionBehavesLike.Win32.Generic.jc
EmsisoftGen:Variant.Bulz.550464 (B)
IkarusTrojan.Win32.Crypt
GDataGen:Variant.Bulz.550464
AviraHEUR/AGEN.1244176
Antiy-AVLTrojan/Win32.Staser
GridinsoftRansom.Win32.Wacatac.sa
ArcabitTrojan.Bulz.D86640
ZoneAlarmHEUR:Trojan.Win32.Staser.gen
MicrosoftTrojan:Win32/Tnega!ml
CynetMalicious (score: 100)
AhnLab-V3Trojan/Win.Generic.R421535
VBA32Trojan.Staser
ALYacGen:Variant.Bulz.550464
MAXmalware (ai score=81)
CylanceUnsafe
APEXMalicious
RisingBackdoor.TeviRat!8.1089E (TFE:dGZlOgHZ4aEKKZ9WJw)
YandexTrojan.Staser!PUQ05ALeOiI
SentinelOneStatic AI – Malicious PE
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/Kryptik.HATU!tr
AVGWin32:CrypterX-gen [Trj]
PandaTrj/Genetic.gen

How to remove Bulz.550464?

Bulz.550464 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment