Bulz.77013 removal

Bulz.77013 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.77013 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests

Related domains:

dnsqa-m03.c644a3e76e438794c399ea1ccdb9206b.me

How to identify Bulz.77013?


File Info:

crc32: 32013F8F
md5: 0384f6c8df101e16b3d8a82d2a77e0dd
name: 0384F6C8DF101E16B3D8A82D2A77E0DD.mlw
sha1: f121fc12ad8e01bdfc5f2e58da90a37e44262272
sha256: 1e47fed540840bc6266b24c48aee25146d8f195b92f742690649534a435f3f2b
sha512: 642b3dc55c07b6adaa910eb6780c682eb52047e9a8b2da0b57dd338346267ba30521b02fdf06ddbc3dc4b77c583e6e67b4db1f68dc1adec5a28a2a46579ed3cf
ssdeep: 24576:CQiyct+zJxHdGXoiV6MaA7CDtcsMBTlP0QjcpMXVJoT:C95aJx9G4qp/Qt5Gpf8
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion:
CompanyName:
Comments: This installation was built with Inno Setup.
ProductName: TlQE4owpGiXc
ProductVersion: 1.4
FileDescription: TlQE4owpGiXc Setup
Translation: 0x0000 0x04b0

Bulz.77013 also known as:

K7AntiVirus: Adware ( 0054654b1 )
DrWeb: Trojan.MulDrop7.43433
Cynet: Malicious (score: 99)
ALYac: Trojan.Agent.CONW
Cylance: Unsafe
Sangfor: Suspicious.Win32.Evo.gen
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Adware ( 0054654b1 )
Cybereason: malicious.8df101
Cyren: W32/S-077f915b!Eldorado
Symantec: PUA.Gen.2
ESET-NOD32: multiple detections
APEX: Malicious
Avast: Win32:Evo-gen [Susp]
Kaspersky: not-a-virus:AdWare.Win32.CloudScout.civ
BitDefender: Gen:Variant.Bulz.77013
NANO-Antivirus: Trojan.Win32.CloudGuard.euozjv
MicroWorld-eScan: Gen:Variant.Bulz.77013
Tencent: Win32.Adware.Cloudscout.Eem
Sophos: Generic Reputation PUA (PUA)
Comodo: ApplicUnwnt@#gn3ehgn9sste
BitDefenderTheta: Gen:NN.ZemsilF.34266.tn0@au7WFsb
VIPRE: CloudScout
TrendMicro: TROJ_GEN.R002C0PJE21
McAfee-GW-Edition: BehavesLike.Win32.PUPInstaller.cc
FireEye: Gen:Variant.Bulz.77013
Emsisoft: Gen:Variant.Bulz.77013 (B)
Avira: HEUR/AGEN.1124694
Microsoft: Trojan:Win32/Occamy.C
GData: Trojan.Agent.CONW
McAfee: Artemis!0384F6C8DF10
MAX: malware (ai score=100)
VBA32: Adware.CloudScout
Malwarebytes: Adware.DNSUnlocker.Generic
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_GEN.R002C0PJE21
Fortinet: Riskware/CloudGuard
AVG: Win32:Evo-gen [Susp]
Paloalto: generic.ml

How to remove Bulz.77013?

Bulz.77013 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.