Malware

About “Bulz.636369” infection

Malware Removal

The Bulz.636369 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Bulz.636369 virus can do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

How to determine Bulz.636369?



File Info:

name: 74AAB0946E035A92EC37.mlw
path: /opt/CAPEv2/storage/binaries/c5afacfc10012bd38b945696e5870a3ab93b581dfb099e265820d2d489cb5c44
crc32: F3A364F3
md5: 74aab0946e035a92ec374724ebc5f9a4
sha1: 3b2b5dd3d986762b2ba7864726a94e2e32ac1bb1
sha256: c5afacfc10012bd38b945696e5870a3ab93b581dfb099e265820d2d489cb5c44
sha512: d55460ac3b0790bb2cc491b6724d5635f88e4176b03c91030344ee979be19fc4491c544f73528e7493042971941a9a6c120a860f3e2fe2e282fe40250e9a3a76
ssdeep: 3072:KJY09ZJl0jSxZDcGQeuXYOGcFF6z6z9B3Z7jKjCH2loZDLkt7Fb0hgOBwLHD7v9p:KC1Kcm68zJlacFb6gYS7v
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1A9045B18AFC1CF86C7AB0F749523116156B1B9461312E3876DC62AEC2D433ED781A7EB
sha3_384: 520f695ebdb72265f6d2c22586505c1a61a9f99a6fafbbfb91e5fec74da96a753418001b1ecaf20e4eb686d7ec8f3897
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-11-23 11:51:17


Version Info:

Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: SharpMonoInjector.Console
FileVersion: 1.0.0.0
InternalName: smi.exe
LegalCopyright: Copyright ©  2019
LegalTrademarks: 
OriginalFilename: smi.exe
ProductName: SharpMonoInjector.Console
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Bulz.636369 also known as:

MicroWorld-eScanGen:Variant.Bulz.636369
FireEyeGeneric.mg.74aab0946e035a92
McAfeeArtemis!74AAB0946E03
K7AntiVirusRiskware ( 0040eff71 )
AlibabaTrojan:Application/MsilInj.04be129c
K7GWRiskware ( 0040eff71 )
CrowdStrikewin/malicious_confidence_80% (W)
SymantecML.Attribute.HighConfidence
APEXMalicious
Paloaltogeneric.ml
BitDefenderGen:Variant.Bulz.636369
Ad-AwareGen:Variant.Bulz.636369
SophosMal/MsilInj-G
McAfee-GW-EditionArtemis!Trojan
EmsisoftGen:Variant.Bulz.636369 (B)
GDataGen:Variant.Bulz.636369
AviraHEUR/AGEN.1114851
GridinsoftRansom.Win32.Sabsik.sa
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
CynetMalicious (score: 99)
BitDefenderThetaGen:NN.ZemsilF.34294.km0@aeoww5m
ALYacGen:Variant.Bulz.636369
MAXmalware (ai score=88)
TrendMicro-HouseCallTROJ_GEN.R002H09KN21
SentinelOneStatic AI – Malicious PE
FortinetPossibleThreat
Cybereasonmalicious.3d9867

How to remove Bulz.636369?

Bulz.636369 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment