Malware

Bulz.635791 information

Malware Removal

The Bulz.635791 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Bulz.635791 virus can do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous .NET characteristics

How to determine Bulz.635791?


File Info:

name: CE0BB6116C05FE39994E.mlw
path: /opt/CAPEv2/storage/binaries/8fe9abb980362b57b2fa44318743a79b12926c8637b5df038feab96059bb11a2
crc32: 8E0E827C
md5: ce0bb6116c05fe39994eb0aa82f7a512
sha1: 45493650cc8ea87304b40b4af16d6af718f06c27
sha256: 8fe9abb980362b57b2fa44318743a79b12926c8637b5df038feab96059bb11a2
sha512: 88860c18eef8efab68cbd3ef6c3326de80e35cf16b73170fc4effd0c1015a9727f9b65dbf779e3261acb16023c3524c10596583c00e5e205b781c72496465ec9
ssdeep: 393216:2s8CseZ8kjbPJo4GfnaKgyPmZEPyZHlTuc1O8SG/l:2s8CseZf/P2z5jPmQyuc1O8S
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C0D633CE2A008EBBC1B51931F5982F320225DF6AF999E7102D38B25232F75DA77169C5
sha3_384: a48e37b9a13112e03d7a37ad4154d83170982e2c0f17953997974f6059c75cc792dd468e84510c16541634dc6c7b9c6a
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-06-09 19:10:01

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 0.0.0.0
InternalName: NUMVALIDATOR.exe
LegalCopyright:
OriginalFilename: NUMVALIDATOR.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Bulz.635791 also known as:

MicroWorld-eScanGen:Variant.Bulz.635791
FireEyeGeneric.mg.ce0bb6116c05fe39
ALYacGen:Variant.Bulz.635791
CylanceUnsafe
SangforSuspicious.Win32.Save.a
BitDefenderThetaGen:NN.ZemsilF.34742.@t0@aiZDpPc
CyrenW32/MSIL_Kryptik.AVS.gen!Eldorado
Elasticmalicious (high confidence)
ESET-NOD32a variant of MSIL/TrojanDropper.Agent.EUX
KasperskyHEUR:Backdoor.MSIL.Bladabindi.gen
BitDefenderGen:Variant.Bulz.635791
AvastWin32:DropperX-gen [Drp]
Ad-AwareGen:Variant.Bulz.635791
EmsisoftGen:Variant.Bulz.635791 (B)
F-SecureHeuristic.HEUR/AGEN.1222294
McAfee-GW-EditionPWS-FCUY!CE0BB6116C05
Trapminemalicious.high.ml.score
SophosGeneric ML PUA (PUA)
IkarusTrojan-Dropper.MSIL.Agent
GDataGen:Variant.Bulz.635791
AviraHEUR/AGEN.1222294
ArcabitTrojan.Bulz.D9B38F
ZoneAlarmHEUR:Backdoor.MSIL.Bladabindi.gen
MicrosoftPWS:MSIL/Browsstl.GG!MTB
CynetMalicious (score: 99)
AhnLab-V3Malware/Win32.RL_Generic.C3551535
Acronissuspicious
McAfeePWS-FCUY!CE0BB6116C05
MAXmalware (ai score=86)
MalwarebytesTrojan.Crypt.MSIL.Generic
APEXMalicious
RisingTrojan.Generic@AI.100 (RDML:HWL+D533M0pATTyJPGGJww)
SentinelOneStatic AI – Malicious PE
MaxSecureTrojan.Malware.300983.susgen
FortinetMSIL/Agent.EUX!tr
AVGWin32:DropperX-gen [Drp]
Cybereasonmalicious.16c05f

How to remove Bulz.635791?

Bulz.635791 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment