Bulz.578504 malicious file

Bulz.578504 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.578504 virus do?

  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Bulz.578504?


File Info:

name: 404FA5887AF7BF8B2305.mlw
path: /opt/CAPEv2/storage/binaries/2a27f8dc491f16e923b88d129a3c2bc57082fe1dc23f0e409a0420b3df49a086
crc32: 405765E4
md5: 404fa5887af7bf8b23052a3457180ba1
sha1: c96557b4142c9848f8193d505ab761e40fc853c8
sha256: 2a27f8dc491f16e923b88d129a3c2bc57082fe1dc23f0e409a0420b3df49a086
sha512: a60490a823e93f19c9445fc69d85cf13b8f7baf9c1a16a198edb76f4bcc97baaca74ed3611d7d9121babdf2d9b034a56907bbc694d061733c6544daeb26c0591
ssdeep: 49152:QMOahzEMY6YLKSs3EFQ7jmRQdG97hjtCU5HJMTIROufKqCJAx:bOwORQdY7ptCU5pOuCJex
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B3463B21F244943BC09E1E37D86AFA44583A6F73AD21C86776AC7D488FF75403A3AD16
sha3_384: b4e6de061ce3d593145f756ed0436755d9087979dd53f1be0c708308e04e31c8e1a38f33cc2621dcd7294365e13a47f0
ep_bytes: 558bec83c4f0b8c4ea7000e85842cfff
timestamp: 2020-03-02 03:39:20

Version Info:

FileDescription: Mitelcel
FileVersion: 18.22.5.4
LegalCopyright: Mitel Cel Enterprises
OriginalFilename: factmitelcel
ProductName: Mitelcel
ProductVersion: 18.22.5.4
ProgramID: Mitelcel Facts
Translation: 0x0409 0x04e4

Bulz.578504 also known as:

Lionic: Trojan.Multi.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Bulz.578504
FireEye: Generic.mg.404fa5887af7bf8b
ALYac: Gen:Variant.Bulz.578504
Cylance: Unsafe
Sangfor: Trojan.Win32.DropperX.gen
Alibaba: TrojanDownloader:Win32/Banload.fc1ef249
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDownloader.Banload.YMO
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Agent.gen
BitDefender: Gen:Variant.Bulz.578504
Avast: Win32:DropperX-gen [Drp]
Ad-Aware: Gen:Variant.Bulz.578504
Sophos: Mal/Generic-S
Comodo: Malware@#3vmxvsqpq4fu
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.BadFile.th
Emsisoft: Gen:Variant.Bulz.578504 (B)
Ikarus: Trojan-Downloader.Win32.Banload
GData: Gen:Variant.Bulz.578504
Avira: HEUR/AGEN.1137879
Antiy-AVL: Trojan/Generic.ASMalwS.3011F8D
Microsoft: Trojan:Win32/Occamy.C2A
Cynet: Malicious (score: 99)
McAfee: Artemis!404FA5887AF7
MAX: malware (ai score=82)
VBA32: TScope.Trojan.Delf
Malwarebytes: Trojan.Banker
Rising: Trojan.Generic@ML.86 (RDML:LT4g6tfqZDyaKt8X2z+EJQ)
Yandex: Trojan.GenAsa!gai7yqqKaK8
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Banload.YMO!tr.dldr
AVG: Win32:DropperX-gen [Drp]
Panda: Trj/Agent.PM
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Bulz.578504?

Bulz.578504 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.