Malware

Bulz.867293 removal instruction

Malware Removal

The Bulz.867293 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Bulz.867293 virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventionial language used in binary resources: Russian
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

wpad.local-net

How to determine Bulz.867293?



File Info:

name: 6DFDD0B5375E2C2E2978.mlw
path: /opt/CAPEv2/storage/binaries/baff804f43e0398702cf751ba79749ce5155ebba1130cf8f914bfce2ab1c230d
crc32: 68ACAC79
md5: 6dfdd0b5375e2c2e2978ffa58662ff3a
sha1: 8bfda17c8c09cab374994ab3b884dc7198bc2efe
sha256: baff804f43e0398702cf751ba79749ce5155ebba1130cf8f914bfce2ab1c230d
sha512: 34004d57bd03ae6a4cb90246e03452e18f8d8fe1cd10b621150ee08adad9d385d3d15ad78d510b3dff992f999ebad67c4ddac16dcf5aea6d4fc77120691c60a8
ssdeep: 24576:r2yQPx3x6nVgW8tHhaQIyOLDhd8hDahMv1XxMsmgxBH06rvrmc:rpI3xoVgQ8OLtIDaG1hM0LH06fd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1986522417BD0A8F5D735C232CF1ADB965633F39AA7818E47C7860E4A1ED32B2520B5D8
sha3_384: 1900cd420c584e21028f84edafc23663f9570724293106d689d2ab58723c84ae6ea51e48463375f44d1a7dfc9575c8e1
ep_bytes: 558bec6aff68504c410068801f410064
timestamp: 2010-06-27 07:06:38


Version Info:

CompanyName: Oleg N. Scherbakov
FileDescription: 7z Setup SFX (x86)
FileVersion: 1.4.0.1795
InternalName: 7ZSfxMod
LegalCopyright: Copyright © 2005-2010 Oleg N. Scherbakov
OriginalFilename: 7ZSfxMod_x86.exe
PrivateBuild: June 27, 2010
ProductName: 7-Zip SFX
ProductVersion: 1.4.0.1795
Translation: 0x0000 0x04b0

Bulz.867293 also known as:

MicroWorld-eScanGen:Variant.Bulz.867293
FireEyeGen:Variant.Bulz.867293
ALYacGen:Variant.Bulz.867293
CylanceUnsafe
SangforPUP.Win32.Graftor.510874
Cybereasonmalicious.5375e2
SymantecML.Attribute.HighConfidence
APEXMalicious
Paloaltogeneric.ml
BitDefenderGen:Variant.Bulz.867293
AvastWin32:TrojanX-gen [Trj]
EmsisoftGen:Variant.Bulz.867293 (B)
McAfee-GW-EditionRDN/Generic.grp
GDataGen:Variant.Bulz.867293
ArcabitTrojan.Bulz.DD3BDD
MicrosoftTrojan:Win32/Occamy.C
McAfeeArtemis!6DFDD0B5375E
MAXmalware (ai score=88)
MalwarebytesMalware.AI.1134424955
IkarusTrojan.Dropper
MaxSecureTrojan.Malware.74761523.susgen
FortinetW32/PossibleThreat
AVGWin32:TrojanX-gen [Trj]

How to remove Bulz.867293?

Bulz.867293 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment