Malware

Bulz.603822 removal

Malware Removal

The Bulz.603822 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Bulz.603822 virus can do?

  • Dynamic (imported) function loading detected
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

wpad.local-net

How to determine Bulz.603822?



File Info:

name: 892B996341FA7D1C4E9A.mlw
path: /opt/CAPEv2/storage/binaries/ccd2ab1af8b1771dbc8b5c3c6aee16b23a2027222bd2c0883452eb0871daa405
crc32: CC65B629
md5: 892b996341fa7d1c4e9ad75b1f9eb712
sha1: b81bc343fb61806d4983e0bc57e0db938f96216f
sha256: ccd2ab1af8b1771dbc8b5c3c6aee16b23a2027222bd2c0883452eb0871daa405
sha512: f8d73df9d1e2d113a2de7904922f5de8602f4a1e4ce370c6aa7447ef147824a1055b8567d569fca45babb3d60efbcd20af79a949253f2f0b34da0d3373d3bdd6
ssdeep: 12288:JATsKtj3jZzcLuPdLF+fxw6qUKvHuzSWw:fKtz2uPF8+5GzSWw
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T17AF46CE07EB8C54BF36040B584E5DBB55BB9796C2E59C5CA1CA778CD3B68B288C90703
sha3_384: d88e89a740b5256a89505823972dfd3d60bb2c0d8eed6259fa8fe48fdef41f2c1e6592be22b270976f2e99f9323a77fa
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2021-08-27 10:26:21


Version Info:

Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: 
FileVersion: 1.0
InternalName: iBaseult.exe
LegalCopyright: 
LegalTrademarks: 
OriginalFilename: iBaseult.exe
ProductName: 
ProductVersion: 1.0
Assembly Version: 1.0.0.0

Bulz.603822 also known as:

LionicRiskware.Win32.Bulz.1!c
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Bulz.603822
FireEyeGen:Variant.Bulz.603822
CAT-QuickHealTrojan.WacatacFC.S15904541
ALYacGen:Variant.Bulz.603822
K7AntiVirusTrojan ( 00565b761 )
AlibabaHoax:MSIL/FakeHack.5a30ec69
K7GWTrojan ( 00565b761 )
Cybereasonmalicious.341fa7
SymantecTrojan.Gen.2
ESET-NOD32a variant of MSIL/Hoax.FakeHack.BQO
TrendMicro-HouseCallTROJ_GEN.R002H0CKN21
ClamAVWin.Malware.Ursu-9891857-0
BitDefenderGen:Variant.Bulz.603822
AvastWin64:MiscX-gen [PUP]
TencentWin32.Trojan.Bulz.Dztr
Ad-AwareGen:Variant.Bulz.603822
SophosMal/Generic-S
McAfee-GW-EditionGenericRXLG-VZ!892B996341FA
SentinelOneStatic AI – Malicious PE
EmsisoftGen:Variant.Bulz.603822 (B)
GDataGen:Variant.Bulz.603822
AviraJOKE/FakeHack.kykoy
GridinsoftRansom.Win64.Wacatac.sa
MicrosoftTrojan:Win32/Wacatac.B!ml
CynetMalicious (score: 100)
AhnLab-V3Malware/Win64.RL_Generic.C4280513
McAfeeGenericRXLG-VZ!892B996341FA
MalwarebytesMalware.AI.4236692625
MAXmalware (ai score=81)
FortinetRiskware/FakeHack
AVGWin64:MiscX-gen [PUP]

How to remove Bulz.603822?

Bulz.603822 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment