Bulz.825280 (file analysis)

Malware Removal

Bulz.825280 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Bulz.825280 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • CAPE detected the PyInstaller malware family

How to identify Bulz.825280?
File Info:

name: 825FB2BC58C53A367C7A.mlw
path: /opt/CAPEv2/storage/binaries/a086554f3fe62b753cc1b10dddf6e1cc9ab04a9b8e638b8b9f4fdae774edb058
crc32: 6007155F
md5: 825fb2bc58c53a367c7a55279dba3d57
sha1: 9246ff11e55446ec68baf6d501b2a80f95169676
sha256: a086554f3fe62b753cc1b10dddf6e1cc9ab04a9b8e638b8b9f4fdae774edb058
sha512: 041a69b5c20757f82f33d8f86d76fc0912ca94e61dbdfda1cd10f73b5dfa82f75bc4ffcd639484db75acbe5c9e48d884484236171c905137c10ec2c7a7983764
ssdeep: 196608:O5AzNJTszGPQ4WMtzsj8KSnvXW/mAgZzNFBKiLdahMhPPv2Z2Rek0xlpb:OuvoAtK4yIr0maQ9Rp01
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A5A633DA3B229816FB2376FF4FF567B791F1A92741942A169F048FE818E01D4C18C2E5
sha3_384: fcd9b47e2bc7faa24be31a932e65ccd7de7015f307548a5792dd6768fd5e4dce699216bdb130420533979b84caac22b2
ep_bytes: 558bec81ecf40300005356576a205f33
timestamp: 2021-09-25 21:55:49

Version Info:

0: [No Data]

Bulz.825280 also known as:

  • Bkav: W32.AIDetect.malware2
  • Lionic: Trojan.Win32.Generic.4!c
  • FireEye: Gen:Variant.Bulz.825280
  • ALYac: Gen:Variant.Bulz.825280
  • Symantec: Trojan.Gen.2
  • APEX: Malicious
  • BitDefender: Gen:Variant.Bulz.825280
  • Avast: Win32:RATX-gen [Trj]
  • Emsisoft: Gen:Variant.Bulz.825280 (B)
  • GData: Win32.Trojan.PSE.T3TB1E
  • Jiangmin: Trojan.PSW.Python.fd
  • Antiy-AVL: Trojan/Generic.ASMalwS.34559CE
  • Microsoft: PUA:Win32/Puamson.A!ml
  • McAfee: Artemis!825FB2BC58C5
  • MAX: malware (ai score=81)
  • Fortinet: W32/PossibleThreat
  • BitDefenderTheta: Gen:NN.ZexaF.34062.@xZ@aKD@Lqg
  • AVG: Win32:RATX-gen [Trj]

How to remove Bulz.825280?

Bulz.825280 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.