Categories: Malware

What is “Bulz.638145”?

The Bulz.638145 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Bulz.638145 virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Bulz.638145?


File Info:
name: 9F0D10048A720E1001BC.mlwpath: /opt/CAPEv2/storage/binaries/851fb328616a6e33239bf816b983b31de305c2ba1564e7a9228933c55e5597e7crc32: CF742629md5: 9f0d10048a720e1001bc6a2bc9cd5fc6sha1: 65d62f6c3b356ad9cd980af81e35fc3ecce4e57asha256: 851fb328616a6e33239bf816b983b31de305c2ba1564e7a9228933c55e5597e7sha512: aef3d0f470b480ac15512eb08db2d5f6d2a6df2dd07f326111a854ee0eaf1df7f0826cd52c8eb0ec78e7a1d206e924f8974570909172a10f3589df11e42f6050ssdeep: 768:DMGnYmtcLDs/saQRF7DeUfc2coKdJBexLvDCcSjXO3XJAv8RRzIXMOih/e0:voLDYsacF7HcboCJBOCcXXJACKihZtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T1AA13BF5326E46467FA938A3109B7A737CFB7D7100622059B07643E6F6E703839E1B187sha3_384: 4f0cc5581ac3b7acfadcb77c92d4388fffa7bf76fa315d7e7622699f421cec40359dbb072ba38f0be5f11c54d4aaad56ep_bytes: 81c480feffff53555631c057895c2418timestamp: 2009-12-05 22:50:35
Version Info:
Comments: 4nV2hXMn1gM4sfqrkrwBlzijQqmhFileDescription: Download da InternetInternalName: 4nV2hXMn1gM4sfqrLegalCopyright: 4nV2hXMn1gM4sfLegalTrademarks: 4nV2hXMn1gM4sfqrkrwBOriginalFilename: 4nV2hXMn1gM4sfqrkrwBTranslation: 0x0000 0x04e4

Bulz.638145 also known as:

tehtris	Generic.Malware
MicroWorld-eScan	Gen:Variant.Bulz.638145
FireEye	Generic.mg.9f0d10048a720e10
CAT-QuickHeal	SftwrBndlr.NSIS.Fourthrem.B
Cylance	unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/grayware_confidence_90% (D)
Baidu	NSIS.Adware.AdLoad.c
Cyren	W32/Adload.ZYAC-0944
Elastic	malicious (high confidence)
ESET-NOD32	NSIS/Fraudster.A
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	not-a-virus:AdWare.Win32.AdLoad.flrs
BitDefender	Gen:Variant.Bulz.638145
NANO-Antivirus	Trojan.Nsis.Fraudster.dylxrk
SUPERAntiSpyware	PUP.AdLoad/Variant
Avast	NSIS:AdwareX-gen [Adw]
Emsisoft	Gen:Variant.Bulz.638145 (B)
DrWeb	Trojan.Fraudster.2374
VIPRE	Gen:Variant.Bulz.638145
TrendMicro	PAK_Xed-21
McAfee-GW-Edition	BehavesLike.Win32.Generic.ph
Trapmine	malicious.high.ml.score
Sophos	Generic ML PUA (PUA)
GData	NSIS.Application.Fourthrem.A
Jiangmin	Adware/Adload.anj
Antiy-AVL	GrayWare[Downloader]/Win32.Adload.gen
Arcabit	Trojan.Bulz.D9BCC1
ZoneAlarm	not-a-virus:AdWare.Win32.AdLoad.flrs
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	PUP/Win.Adload.C5391597
Acronis	suspicious
ALYac	Gen:Variant.Bulz.638145
MAX	malware (ai score=85)
Malwarebytes	Adload.Adware.Downloader.DDS
TrendMicro-HouseCall	PAK_Xed-21
MaxSecure	Adware.W32.AdLoad.flrs_251898
Fortinet	Adware/AdLoad.FLXZ
AVG	NSIS:AdwareX-gen [Adw]
Cybereason	malicious.48a720
DeepInstinct	MALICIOUS