Categories: Malware

What is “Bulz.844662”?

The Bulz.844662 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Bulz.844662 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Creates RWX memory
Guard pages use detected – possible anti-debugging.
Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Bulz.844662?


File Info:
name: 65D6DDD7403708519592.mlwpath: /opt/CAPEv2/storage/binaries/17ec7f8b68043e0dc13c000370ead1533a8f292fae0c4e1cee0107fcc90ad7f2crc32: 42B6076Bmd5: 65d6ddd74037085195926bbcf501ef06sha1: 79bfb229167a53b4e78bc99ad28adc27d2c9d7f9sha256: 17ec7f8b68043e0dc13c000370ead1533a8f292fae0c4e1cee0107fcc90ad7f2sha512: 6463318e6eade32a7e205353cfdba7d83d6ff37cd966ce04189b86a667837f5c60d8a57d90cdada8dd70adcc1022807aee92da074a03dcf5981a2ad9683c01eassdeep: 49152:u0wnNTBxss1TFqnstLet3LyZoEp6vWWhipXqsTEIR80EzG6IgekI:CVHqnstLEg7pXo/IifKmekItype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T119362815EFFA4A22D875A5308E38A36C45707E601EA2C65BB644B21DE933F95743F323sha3_384: 63f4a0abb4a5827da8987e6eef30e2150a9a2b0df98bc00f31aad6922bf3fb5c262926eae34f23862c79e6898a2ccfadep_bytes: ff250020400000000000000000000000timestamp: 2009-07-13 22:36:03
Version Info:
CompanyName: Microsoft CorporationFileDescription: Media Center Extensibility Host for 32 bitsFileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)InternalName: ehExtHost32.exeLegalCopyright: © Microsoft Corporation. All rights reserved.OriginalFilename: ehExtHost32.exeProductName: Microsoft® Windows® Operating SystemProductVersion: 6.1.7600.16385Translation: 0x0409 0x04b0

Bulz.844662 also known as:

tehtris	Generic.Malware
MicroWorld-eScan	Gen:Variant.Bulz.844662
FireEye	Generic.mg.65d6ddd740370851
ALYac	Gen:Variant.Bulz.844662
Cylance	Unsafe
Sangfor	[ARMADILLO V1.71]
Cyren	W32/MSIL_Troj.BDC.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ClamAV	Win.Trojan.Blackie-9884258-0
BitDefender	Gen:Variant.Bulz.844662
NANO-Antivirus	Trojan.Win32.Autorun.iuqoch
Avast	Win32:Malware-gen
Ad-Aware	Gen:Variant.Bulz.844662
Emsisoft	Gen:Variant.Bulz.844662 (B)
F-Secure	Heuristic.HEUR/AGEN.1223703
McAfee-GW-Edition	BehavesLike.Win32.Autorun.rm
SentinelOne	Static AI – Malicious PE
Sophos	Generic ML PUA (PUA)
APEX	Malicious
Jiangmin	Packed.Krap.gvwy
Avira	HEUR/AGEN.1223703
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	MSIL.Trojan.PSE.1JJGIXK
Cynet	Malicious (score: 100)
Acronis	suspicious
McAfee	Artemis!65D6DDD74037
MAX	malware (ai score=89)
Ikarus	Trojan.Agent
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	MSIL/Ipamor.D818!tr
AVG	Win32:Malware-gen
CrowdStrike	win/malicious_confidence_60% (W)