About “Bulz.631968” infection

Bulz.631968 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Bulz.631968 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid

How to identify Bulz.631968?

File Info:

name: AB863CA3D1D52E562715.mlw
path: /opt/CAPEv2/storage/binaries/286fdc0b0ae24015268d161168252642a62b7abea497e908f7a4b9f553f676a7
crc32: 9AF4A637
md5: ab863ca3d1d52e562715e08890d65820
sha1: e002c1a5567953701bbc01ec9be67911b3a4dc77
sha256: 286fdc0b0ae24015268d161168252642a62b7abea497e908f7a4b9f553f676a7
sha512: abe1314c4733f4d3975a7f1abd5d57799472b84747409f6eb313de974a87171f4fc3b3983dc24088bf3cd3fb781c8fd5705cf04937081261ea5405cefb7e8035
ssdeep: 6144:E5aWbksiNTBu2Pb2U1sqItJSahJpdJtZX:E5atNTk2PbNs9JSahBJX
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T15124D041F2E241F3E6E2053100B5716EEB7676389B24E8DBC34C2D126953AD6A73D3E8
sha3_384: c6697918eab94a7e694f9ebea2294320bc167335c434647b72f561a9d10a9a04041b536e6c84622c880f057d8a4b1dfc
ep_bytes: 68ac00000068000000006868804100e8
timestamp: 2018-02-01 20:18:05

Version Info:

FileVersion: 3.0
ProductVersion: 3.0
ProductName: SolidClient
OriginalFilename: THIS IS FAKE ;)
InternalName: SolidClient
FileDescription: SolidClient
CompanyName: SquareShop
LegalTrademarks: SquareShop
LegalCopyright: SquareShop
PrivateBuild: fake
SpecialBuild: fake
Comments: fake
Translation: 0x0000 0x04e4

Bulz.631968 also known as (vendor: detection name):

Bkav: W32.AIDetect.malware2
MicroWorld-eScan: Gen:Variant.Bulz.631968
FireEye: Generic.mg.ab863ca3d1d52e56
McAfee: RDN/Generic.grp
Malwarebytes: Malware.Heuristic.1008
Cybereason: malicious.3d1d52
Arcabit: Trojan.Bulz.D9A4A0
BitDefenderTheta: Gen:NN.ZexaF.34062.nu0@aaUhGbn
Cyren: W32/Delf.MV.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
TrendMicro-HouseCall: TROJ_GEN.R002C0PJS21
Paloalto: generic.ml
BitDefender: Gen:Variant.Bulz.631968
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Bulz.631968
Emsisoft: Gen:Variant.Bulz.631968 (B)
TrendMicro: TROJ_GEN.R002C0PJS21
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.dc
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious PE
MAX: malware (ai score=83)
Microsoft: Trojan:Script/Phonzy.A!ml
GData: Gen:Variant.Bulz.631968
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.Generic.C4009307
Acronis: suspicious
ALYac: Gen:Variant.Bulz.631968
APEX: Malicious
Rising: Trojan.Generic@ML.97 (RDML:fZGgTd4Au+IDCaLLZvciaw)
Ikarus: PUA.BAT.Riskware
eGambit: Unsafe.AI_Score_98%
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen
Panda: Trj/CI.A

How to remove Bulz.631968?

Bulz.631968 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.