Bulz.683404 removal guide

The Bulz.683404 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.683404 virus can do?

Behavioural detection: Executable code extraction – unpacking
Yara rule detections observed from a process memory dump/dropped files/CAPE
CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine Bulz.683404?


File Info:
name: B32F189DC452F825F4B3.mlw
path: /opt/CAPEv2/storage/binaries/4975a6d7972bbb9a24e246213033519479abb11c8ceb2a44c77a05e030becb6b
crc32: D70B6233
md5: b32f189dc452f825f4b37efc51d9151b
sha1: 51a54236b0b48a80509b401fc8ea8e5539f1712b
sha256: 4975a6d7972bbb9a24e246213033519479abb11c8ceb2a44c77a05e030becb6b
sha512: 4785aacc2eabb1ef9b1eceed09228baf4850442db1c711cf4df22cffc75197dc900e695f0f3755d1482580650f1a2f0dd95827ea5042be3189986092a273daa9
ssdeep: 768:Sqh9uDzlboanKjT4UeMJbYEHbXb/TuL9jkkETNqnG9bY42gbfFrUI8wcsLsUPysU:Sq21pnKY+JvLDWF58JDj8OhQ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11AA35C9296402AC4D7400A3DCC518EDD05167F209C1BAE4B7686FB1C6CBDFD7AAF4AC6
sha3_384: 7addcf8b8271559a36bfb871a01db6d612cf0b2f99bce70443e2eb37e629797ca042e31bb58d4c2dbfa4bc1859db463e
ep_bytes: 68a4174000e8f0ffffff000000000000
timestamp: 2013-12-28 05:02:05

Version Info:
Translation: 0x0409 0x04b0
Comments: LightFlame
CompanyName: LightFlame
FileDescription: LightFlame
ProductName: LightFlame
FileVersion: 1.00
ProductVersion: 1.00
InternalName: desserttallerkeners
OriginalFilename: desserttallerkeners.exe

Bulz.683404 also known as:

Cynet	Malicious (score: 100)
McAfee	GuLoader-FCTL!B32F189DC452
Alibaba	TrojanDownloader:Win32/GuLoader.247fd626
Cybereason	malicious.dc452f
VirIT	Trojan.Win32.VBZenPack_Heur
Symantec	Trojan.Gen.MBT
Elastic	malicious (high confidence)
ESET-NOD32	Win32/TrojanDownloader.Agent.FCS
APEX	Malicious
ClamAV	Win.Trojan.Guloader-9895445-0
Kaspersky	Trojan.Win32.Mucc.qom
BitDefender	Gen:Variant.Bulz.683404
MicroWorld-eScan	Gen:Variant.Bulz.683404
Avast	Win32:Trojan-gen
Ad-Aware	Gen:Variant.Bulz.683404
Emsisoft	Gen:Variant.Bulz.683404 (B)
F-Secure	Heuristic.HEUR/AGEN.1239162
VIPRE	Gen:Variant.Bulz.683404
McAfee-GW-Edition	GuLoader-FCTL!B32F189DC452
Trapmine	suspicious.low.ml.score
FireEye	Generic.mg.b32f189dc452f825
Sophos	Mal/Generic-S
Avira	HEUR/AGEN.1239162
Microsoft	Trojan:Win32/Wacatac.B!ml
Arcabit	Trojan.Bulz.DA6D8C
ZoneAlarm	Trojan.Win32.Mucc.qom
GData	Gen:Variant.Bulz.683404
Google	Detected
ALYac	Gen:Variant.Bulz.683404
MAX	malware (ai score=85)
Tencent	Win32.Trojan-Downloader.Oader.Dnhl
MaxSecure	Trojan.Malware.300983.susgen
BitDefenderTheta	Gen:NN.ZevbaF.34682.gm0@aqsBwVii
AVG	Win32:Trojan-gen
Panda	Trj/Genetic.gen
CrowdStrike	win/malicious_confidence_70% (W)

How to remove Bulz.683404?

Bulz.683404 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X