Bulz.792741 removal guide

The Bulz.792741 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.792741 virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Bulz.792741?


File Info:
name: A2BA9CF80162E50104F5.mlw
path: /opt/CAPEv2/storage/binaries/12afc20153408029b7464b38d30d217396f512cc3b717e6e58724c26c99fd1bd
crc32: 6A9E78FF
md5: a2ba9cf80162e50104f5ffc431680c5e
sha1: 61a53cbcf0d4e1ddfc91f34eb6f5f561ed574421
sha256: 12afc20153408029b7464b38d30d217396f512cc3b717e6e58724c26c99fd1bd
sha512: b21a933fd7b438c9baf366e988072c756f725117178d85c07344b2fb09e3579e2787533215bd26f8a2d1cb81290dca781e3e2f27d438e2ce38a00b18c21214f9
ssdeep: 384:cYW1SSM9uDLCy1BzLRcvB12nY2LHZIWKX/Wx:IJ/fnRc2YIH0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18A4387F08FF9B9A5E1152073B864B13C37DB5D0EDC65583AE69BF50A34628C220E5E1B
sha3_384: c6eeb042830e169b931c3b03a45e336279b511d3c53f1a7c2421d3c0e9732d3a504a7ca26373a0637cb1a98d99cdc97f
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-01-04 11:53:02

Version Info:
Translation: 0x0000 0x04b0
Comments: Services and Controller app
CompanyName: Microsoft Corporation
FileDescription: Services and Controller app
FileVersion: 10.0.14393.4169
InternalName: ConsoleApp4.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
LegalTrademarks: 
OriginalFilename: ConsoleApp4.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.14393.4169
Assembly Version: 10.0.14393.4169

Bulz.792741 also known as:

Lionic	Trojan.MSIL.PsDownload.a!c
Elastic	malicious (high confidence)
DrWeb	Trojan.Inject4.23607
MicroWorld-eScan	Gen:Variant.Bulz.792741
FireEye	Generic.mg.a2ba9cf80162e501
McAfee	Artemis!A2BA9CF80162
Cylance	Unsafe
Sangfor	Backdoor.MSIL.Androm.gen
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Backdoor:MSIL/AgentTesla.4e770e0f
K7GW	Riskware ( 0040eff71 )
K7AntiVirus	Riskware ( 0040eff71 )
BitDefenderTheta	Gen:NN.ZemsilF.34160.dm0@aCv@cJc
Cyren	W32/MSIL_Agent.COK.gen!Eldorado
Symantec	MSIL.Downloader!gen7
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.JXS
TrendMicro-HouseCall	TROJ_GEN.R03FC0WA722
Paloalto	generic.ml
Kaspersky	HEUR:Backdoor.MSIL.Androm.gen
BitDefender	Gen:Variant.Bulz.792741
Avast	Win32:MalwareX-gen [Trj]
Ad-Aware	Gen:Variant.Bulz.792741
Emsisoft	Gen:Variant.Bulz.792741 (B)
TrendMicro	TROJ_GEN.R03FC0WA722
McAfee-GW-Edition	Artemis!Trojan
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
Webroot	W32.Trojan.Gen
Avira	TR/Dldr.Agent.rqude
MAX	malware (ai score=100)
Antiy-AVL	Trojan/Generic.ASMalwS.35015DE
Gridinsoft	Ransom.Win32.Sabsik.sa
Microsoft	Trojan:MSIL/AgentTesla.DXB!MTB
GData	Gen:Variant.Bulz.792741
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.C4897513
VBA32	TScope.Trojan.MSIL
ALYac	Gen:Variant.Bulz.792741
Malwarebytes	Trojan.Downloader.MSIL.Generic
APEX	Malicious
Yandex	Trojan.DL.Agent!TN5LaTKLG8w
Ikarus	Trojan-Downloader.MSIL.Agent
Fortinet	MSIL/Agent.EQ!tr.dldr
AVG	Win32:MalwareX-gen [Trj]
Cybereason	malicious.cf0d4e
Panda	Trj/GdSda.A

How to remove Bulz.792741?

Bulz.792741 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X