What is “Bulz.6028”?

Bulz.6028 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Bulz.6028 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Unconventional language used in binary resources: Japanese
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Bulz.6028?


File Info:

name: 0570B6FF4E67E6CE59AC.mlw
path: /opt/CAPEv2/storage/binaries/f3ef244d9df4405d26ad3d08f9ddba75d6a96b94b26c43cd75fd43fdd28a01ca
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-11-05 06:31:13

Version Info:

Comments:
CompanyName:
FileDescription:
FileVersion: 1, 0, 0, 0
InternalName:
LegalCopyright:
LegalTrademarks:
OriginalFilename:
PrivateBuild:
ProductName: YU-RIS Script Engine
ProductVersion: 0, 466, 0, 0
SpecialBuild:
Translation: 0x0411 0x04b0

Bulz.6028 also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Gen:Variant.Bulz.6028
CAT-QuickHeal: Trojan.Skeeyah.10070
ALYac: Gen:Variant.Bulz.6028
Cylance: Unsafe
Zillya: Adware.Linkun.Win32.1849
Cyren: W32/Virtumonde!Generic
BitDefender: Gen:Variant.Bulz.6028
NANO-Antivirus: Virus.Win32.Gen.ccmw
Ad-Aware: Gen:Variant.Bulz.6028
Emsisoft: Gen:Variant.Bulz.6028 (B)
VIPRE: Virtumonde
McAfee-GW-Edition: Artemis
FireEye: Gen:Variant.Bulz.6028
GData: Gen:Variant.Bulz.6028
Jiangmin: Trojan.GenericKD.auj
Webroot: W32.Trojan.Gen
MAX: malware (ai score=87)
Arcabit: Trojan.Bulz.D178C
Microsoft: Trojan:Win32/Skeeyah.A!bit
McAfee: Artemis!0570B6FF4E67
VBA32: BScope.Trojan-Spy.Win32.Zbot
Rising: Trojan.Generic@ML.93 (RDML:6fLp6kW1UGJybKGTmbSR8Q)
Cybereason: malicious.f4e67e
Panda: Trj/Chgt.O

How to remove Bulz.6028?

Bulz.6028 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
