Categories: Malware

Bulz.5876 (file analysis)

The Bulz.5876 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Bulz.5876 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Unconventionial language used in binary resources: Telugu
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Bulz.5876?


File Info:
name: 940357FA35820028829D.mlwpath: /opt/CAPEv2/storage/binaries/9cb6783eeda4b9b7200c9c16ba3ebf1f3795015091863a9799ff69ee3734db26crc32: F98D5619md5: 940357fa35820028829dfe38da91bc6dsha1: ad3b3798290c4992560969010af84ef94f0b3213sha256: 9cb6783eeda4b9b7200c9c16ba3ebf1f3795015091863a9799ff69ee3734db26sha512: 68ff694d5f9538b6dece73ea06e566d641d4518ad4e966f63c0631729fe4cc09f5feda0e99f3602e9a7b92ab5cb76991c2fe2e2a9287a73dc90711d2b4aafaf1ssdeep: 6144:0SDaWXpl5alOHD1O2XfgAOF+dXIf7c/ywZr4BntNM90wKRB:DDaW5HalOHD1OMfo+dXIeywZr4ZM90rtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T12B84102C76D285EAEC0FE072CD6136B46A930F0F96506D4B5F8A79CABB6A4151D34CCCsha3_384: 6939ca77eb16488976ead67de65498b01a971dd93ddaf04a0e3d0225f3e9a307b3b48378b865c9e2277d5990211832e3ep_bytes: ff250020400000000000000000000000timestamp: 2021-12-08 18:50:23
Version Info:
CompanyName: Adobe Inc.FileDescription: Adobe InstallerFileVersion: 5.3.1.470InternalName: Adobe InstallerLegalCopyright: © 2020 Adobe. All rights reserved.OriginalFilename: Adobe InstallerProductName: Adobe InstallerProductVersion: 5.3.1.470Translation: 0x0409 0x04b0

Bulz.5876 also known as:

Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.Inject4.21705
MicroWorld-eScan	Gen:Variant.Bulz.5876
ALYac	Gen:Variant.Bulz.5876
Malwarebytes	Trojan.Injector
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_90% (W)
Alibaba	Trojan:MSIL/Injector.21aece96
K7GW	Trojan ( 005819cf1 )
K7AntiVirus	Trojan ( 005819cf1 )
BitDefenderTheta	Gen:NN.ZemsilF.34084.ym0@aG1u4QiG
ESET-NOD32	a variant of MSIL/Injector.VRI
TrendMicro-HouseCall	TROJ_GEN.R002C0WL921
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Bulz.5876
Avast	Win32:InjectorX-gen [Trj]
Tencent	Win32.Trojan.Generic.Hqbb
Ad-Aware	Gen:Variant.Bulz.5876
Emsisoft	Gen:Variant.Bulz.5876 (B)
TrendMicro	TROJ_GEN.R002C0WL921
FireEye	Generic.mg.940357fa35820028
Ikarus	Trojan.MSIL.Injector
GData	MSIL.Backdoor.ASyncRAT.BDX0TI
Avira	TR/Injector.haqlu
Antiy-AVL	Trojan/Generic.ASMalwS.34E78A6
Gridinsoft	Ransom.Win32.Sabsik.sa
Arcabit	Trojan.Bulz.D16F4
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win.NK.C4827035
McAfee	RDN/Generic.hbg
MAX	malware (ai score=82)
VBA32	TScope.Trojan.MSIL
Cylance	Unsafe
APEX	Malicious
Yandex	Trojan.Agent!UVWGtG8ySrY
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_88%
Fortinet	MSIL/Injector.VRI!tr
AVG	Win32:InjectorX-gen [Trj]
Cybereason	malicious.a35820
Panda	Trj/GdSda.A