Malware

Bulz.713649 removal guide

Malware Removal

The Bulz.713649 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Bulz.713649 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • A process attempted to delay the analysis task.
  • Dynamic (imported) function loading detected
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Executed a very long command line or script command which may be indicative of chained commands or obfuscation
  • Authenticode signature is invalid
  • A scripting utility was executed
  • A script or command line contains a long continuous string indicative of obfuscation

How to determine Bulz.713649?



File Info:

name: 74C3F98314F49248D223.mlw
path: /opt/CAPEv2/storage/binaries/490bac101a8b84015429e88a48fe064672835fffa5a34ec67b03970d6321ba2a
crc32: 9D7A32C7
md5: 74c3f98314f49248d22340f8dd830aee
sha1: 69ed6e9a61ceb71eee81236be915a974ec199349
sha256: 490bac101a8b84015429e88a48fe064672835fffa5a34ec67b03970d6321ba2a
sha512: 86755cb04471d890ac75f1f7c4c11e8fa0b568f5f2baf90b0e277d4a721ef1974d417cf36f621ecb3b73e75c168d94487828fdeb54128ef15682fb67718cde8b
ssdeep: 384:pOe0ciqTpjgWi7jRgSOFckOFKN37WG2SCllKJnnUOFKNjOFc:pFcrFK17n7FKIFc
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18EE2FD3DA188F092E075A67387A2D3B87B172D2279720D465DC11F2FBC3D6827D9096E
sha3_384: a37f14b49e2e890b21f11e2a2662e72b7b4ec4f0a509cc023b87493b793f19ec46ba24f1f8835b119c410a21e8d55cd7
ep_bytes: 6868124000e8eeffffff000000000000
timestamp: 2021-09-09 14:53:59


Version Info:

Translation: 0x0409 0x04b0
ProductName: Project1
FileVersion: 1.00
ProductVersion: 1.00
InternalName: TEST
OriginalFilename: TEST.exe

Bulz.713649 also known as:

BkavW32.AIDetect.malware2
LionicTrojan.Win32.Bsymem.4!c
MicroWorld-eScanGen:Variant.Bulz.713649
FireEyeGeneric.mg.74c3f98314f49248
ALYacGen:Variant.Bulz.713649
CylanceUnsafe
SangforTrojan.Win32.Bsymem.adgi
K7AntiVirusTrojan ( 005885e41 )
AlibabaTrojanDownloader:Win32/Bsymem.cb8f210e
K7GWTrojan ( 005885e41 )
SymantecML.Attribute.HighConfidence
Elasticmalicious (high confidence)
ESET-NOD32PowerShell/TrojanDownloader.Agent.EKS
TrendMicro-HouseCallTrojan.Win32.SABSIK.AA
Paloaltogeneric.ml
KasperskyTrojan.Win32.Bsymem.adgi
BitDefenderGen:Variant.Bulz.713649
AvastWin32:Malware-gen
Ad-AwareGen:Variant.Bulz.713649
SophosMal/Generic-S
ComodoMalware@#2cm97bpvsq9my
ZillyaDownloader.Agent.Script.5802
TrendMicroTrojan.Win32.SABSIK.AA
McAfee-GW-EditionBehavesLike.Win32.Trojan.nz
Trapminemalicious.moderate.ml.score
EmsisoftGen:Variant.Bulz.713649 (B)
SentinelOneStatic AI – Suspicious PE
GDataGen:Variant.Bulz.713649
JiangminTrojanDownloader.VB.ehla
WebrootW32.Malware.Gen
AviraTR/Bsymem.wdonj
MAXmalware (ai score=83)
KingsoftWin32.Troj.Generic_a.a.(kcloud)
ArcabitTrojan.Bulz.DAE3B1
CynetMalicious (score: 99)
McAfeeArtemis!74C3F98314F4
VBA32TScope.Trojan.VB
MalwarebytesTrojan.Downloader
APEXMalicious
RisingDownloader.Agent!8.B23 (CLOUD)
IkarusTrojan-Downloader.PowerShell.Agent
MaxSecureTrojan.Malware.300983.susgen
FortinetPossibleThreat.PALLAS.H
AVGWin32:Malware-gen
PandaTrj/GdSda.A
CrowdStrikewin/malicious_confidence_100% (W)

How to remove Bulz.713649?

Bulz.713649 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment