Bulz.683404 removal guide

Bulz.683404 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Bulz.683404 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify Bulz.683404?

File Info:

name: B32F189DC452F825F4B3.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-12-28 05:02:05

Version Info:

Translation: 0x0409 0x04b0
Comments: LightFlame
CompanyName: LightFlame
FileDescription: LightFlame
ProductName: LightFlame
FileVersion: 1.00
ProductVersion: 1.00
InternalName: desserttallerkeners
OriginalFilename: desserttallerkeners.exe

Bulz.683404 is also known as:

Cynet: Malicious (score: 100)
McAfee: GuLoader-FCTL!B32F189DC452
Alibaba: TrojanDownloader:Win32/GuLoader.247fd626
Cybereason: malicious.dc452f
VirIT: Trojan.Win32.VBZenPack_Heur
Symantec: Trojan.Gen.MBT
Elastic: malicious (high confidence)
ESET-NOD32: Win32/TrojanDownloader.Agent.FCS
APEX: Malicious
ClamAV: Win.Trojan.Guloader-9895445-0
Kaspersky: Trojan.Win32.Mucc.qom
BitDefender: Gen:Variant.Bulz.683404
MicroWorld-eScan: Gen:Variant.Bulz.683404
Avast: Win32:Trojan-gen
Ad-Aware: Gen:Variant.Bulz.683404
Emsisoft: Gen:Variant.Bulz.683404 (B)
F-Secure: Heuristic.HEUR/AGEN.1239162
VIPRE: Gen:Variant.Bulz.683404
McAfee-GW-Edition: GuLoader-FCTL!B32F189DC452
Trapmine: suspicious.low.ml.score
FireEye: Generic.mg.b32f189dc452f825
Sophos: Mal/Generic-S
Avira: HEUR/AGEN.1239162
Microsoft: Trojan:Win32/Wacatac.B!ml
Arcabit: Trojan.Bulz.DA6D8C
ZoneAlarm: Trojan.Win32.Mucc.qom
GData: Gen:Variant.Bulz.683404
Google: Detected
ALYac: Gen:Variant.Bulz.683404
MAX: malware (ai score=85)
Tencent: Win32.Trojan-Downloader.Oader.Dnhl
MaxSecure: Trojan.Malware.300983.susgen
BitDefenderTheta: Gen:NN.ZevbaF.34682.gm0@aqsBwVii
AVG: Win32:Trojan-gen
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Bulz.683404?

Bulz.683404 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
