Malware

Bulz.590016 removal instruction

Malware Removal

The Bulz.590016 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Bulz.590016 virus can do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine Bulz.590016?



File Info:

crc32: 251B9312
md5: aa83426bcc82c33e0fbc1ce96e0dfe95
name: AA83426BCC82C33E0FBC1CE96E0DFE95.mlw
sha1: 42178099287beffe1c632f52e1e6391b6cb75bca
sha256: 48d267f875bca7301f079a283305cba11ec8106e9ed76758c780ddb2cf847a59
sha512: 4edc5fdb8c01d94ba1252f7ba95d0d4f28c7ac9499a2cd9223f6230ef4005269db17c6e5d2287a7f1feaf5638afc178cd932c3bebb2a178e3726da5310496d99
ssdeep: 3072:9DZDVVA+DQ5JTOfEb18qFafjqvTwQJeWLq9NxbKejWGEjh:9zVAfqfER8qFOqv8eeWLqRb3dE
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: Copyright xa9 1997-2018 The PHP Group
InternalName: SIR8_12L tthewtfeb
FileVersion: 7.6.8
CompanyName: The PHP Group
URL: http://www.php.net
LegalTrademarks: PHP
Comments: Thanks to Stig Bakken, Thies C. Arntzen, Andy Sautins, David Benson, Maxim Maletsky, Harald Radi, Antony Dovgal, Andi Gutmans, Wez Furlong, Christopher Jones, Oracle Corporation
ProductName: SIR
ProductVersion: 7.6.8
FileDescription: OCI8
OriginalFilename: sir_ehh8_12h.dll
Translation: 0x0409 0x04b0

Bulz.590016 also known as:

BkavW32.AIDetect.malware2
Elasticmalicious (high confidence)
CylanceUnsafe
CrowdStrikewin/malicious_confidence_100% (W)
BitDefenderGen:Variant.Bulz.590016
K7GWRiskware ( 0040eff71 )
K7AntiVirusRiskware ( 0040eff71 )
SymantecPacked.Generic.517
ESET-NOD32a variant of Win32/Kryptik.HLYS
APEXMalicious
CynetMalicious (score: 100)
NANO-AntivirusVirus.Win32.Gen.ccmw
MicroWorld-eScanGen:Variant.Bulz.590016
Ad-AwareGen:Variant.Bulz.590016
SophosML/PE-A
BitDefenderThetaGen:NN.ZedlaF.34058.ku8@auwHpKpi
McAfee-GW-EditionBehavesLike.Win32.Drixed.cc
FireEyeGeneric.mg.aa83426bcc82c33e
EmsisoftGen:Variant.Bulz.590016 (B)
SentinelOneStatic AI – Suspicious PE
WebrootW32.Malware.Gen
AviraHEUR/AGEN.1143859
GDataGen:Variant.Bulz.590016
McAfeeDrixed-FJX!AA83426BCC82
MAXmalware (ai score=87)
RisingTrojan.Generic@ML.99 (RDML:FKJtDtjLX4jAGJvdFmbt3Q)
FortinetW32/Kryptik.HLYS!tr

How to remove Bulz.590016?

Bulz.590016 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment