Bulz.653310 information

Bulz.653310 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.653310 virus do?

  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

wpad.local-net

How to identify Bulz.653310?

File Info:

name: 8F2A6C2547984FF71970.mlw
path: /opt/CAPEv2/storage/binaries/44afd6c691088116ccbf04d62a33dffe00dbfb744d3977b6750113967861e7f9
crc32: CF77508D
md5: 8f2a6c2547984ff71970c83dfc0e5941
sha1: ea684b758ba76c937ca6847c8014027882476b33
sha256: 44afd6c691088116ccbf04d62a33dffe00dbfb744d3977b6750113967861e7f9
sha512: cb7c33c3e3421c3b307824b3fc04257ab7494e085413ea0a38bfadac9f86d62f57d216d59ba73c7201edc4eaae8b8b5e3f4336dc521dfededf623ab9fa4256b9
ssdeep: 96:RzPLdRjowyI3eKxbbjDN792+jlH3x2PQgkVbhSTIoDCYQCWwOgzNt:J7GIue/nF92+jlh2PJkcddWu
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T15EF1B712B7F8C245F5FB4F752CB2A7005635FD976922C6AE188440192D36A44CFB1B71
sha3_384: 07c324ef349fcdf23cfd314db7ad3c9509529c2ff1db9e523aa745c36fc8aece28940afce8f648f34dfff8ea2ef94b98
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2021-08-31 05:53:05

Version Info:

Translation: 0x0000 0x04b0
Comments: Shell Infrastructure Host
FileDescription: Shell Infrastructure Host
FileVersion: 10.0.19041.746
InternalName: ocean144i-watchdog.exe
LegalCopyright: © Microsoft Corporation. All Rights Reserved.
OriginalFilename: ocean144i-watchdog.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.746
Assembly Version: 0.0.0.0

Bulz.653310 also known as:

Elastic: malicious (high confidence)
DrWeb: Trojan.MinerNET.23
MicroWorld-eScan: Gen:Variant.Bulz.653310
McAfee: CoinMiner-FCT!8F2A6C254798
Alibaba: Trojan:MSIL/Coinminer.31aca348
Cyren: W64/MSIL_Coinminer.C.gen!Eldorado
ESET-NOD32: a variant of Win32/CoinMiner.CGV
APEX: Malicious
ClamAV: Win.Trojan.Bulz-9879448-0
Kaspersky: HEUR:Trojan.MSIL.DOTHETUK.gen
BitDefender: Gen:Variant.Bulz.653310
Avast: Win64:CoinminerX-gen [Trj]
Ad-Aware: Gen:Variant.Bulz.653310
Sophos: Troj/CoinMinr-B
McAfee-GW-Edition: CoinMiner-FCT!8F2A6C254798
FireEye: Generic.mg.8f2a6c2547984ff7
Emsisoft: Gen:Variant.Bulz.653310 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Bulz.653310
Avira: HEUR/AGEN.1143065
Arcabit: Trojan.Bulz.D9F7FE
Microsoft: Trojan:MSIL/Coinminer.GA!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4564077
ALYac: Gen:Variant.Bulz.653310
MAX: malware (ai score=83)
Ikarus: Trojan.Win32.CoinMiner
eGambit: Unsafe.AI_Score_86%
Fortinet: MSIL/CoinMiner.CGV!tr
AVG: Win64:CoinminerX-gen [Trj]
MaxSecure: Trojan.Malware.300983.susgen

How to remove Bulz.653310?

Bulz.653310 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.