
Bulz.867957 (B) removal instructions


Bulz.867957 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Bulz.867957 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Presents an Authenticode digital signature
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Bulz.867957 (B)?


File Info:

name: 37AF43E1562E5F48D7B0.mlw
path: /opt/CAPEv2/storage/binaries/d1863a0a8f95c56c7defa927f5ec0de55336a8b0916807627873e3daaede0d82
type: PE32+ executable (GUI) x86-64, for MS Windows
timestamp: 2021-08-11 22:26:42

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Microsoft Edge
FileVersion: 92.0.902.73
InternalName: cookie_exporter_exe
LegalCopyright: Copyright Microsoft Corporation. All rights reserved.
OriginalFilename: cookie_exporter.exe
ProductName: Microsoft Edge
ProductVersion: 92.0.902.73
CompanyShortName: Microsoft
ProductShortName: Microsoft Edge
LastChange: cad199e39220991414cd71868a619fff614880c7
Official Build: 1
Translation: 0x0409 0x04b0

Bulz.867957 (B) also known as:

Lionic: Trojan.Win32.Bulz.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Bulz.867957
FireEye: Gen:Variant.Bulz.867957
McAfee: Artemis!37AF43E1562E
Cylance: Unsafe
Cyren: W64/Bulz.BT.gen!Eldorado
Symantec: Trojan.Gen.2
ClamAV: Win.Ransomware.WannaCry-9856297-0
BitDefender: Gen:Variant.Bulz.867957
Avast: FileRepMalware
Ad-Aware: Gen:Variant.Bulz.867957
Emsisoft: Gen:Variant.Bulz.867957 (B)
McAfee-GW-Edition: BehavesLike.Win64.Generic.vh
Sophos: Generic ML PUA (PUA)
Ikarus: Trojan.Msil
GData: Gen:Variant.Bulz.867957
Jiangmin: Packed.Krap.gvtl
Antiy-AVL: Trojan/Generic.ASMalwS.349521C
Arcabit: Trojan.Bulz.DD3E75
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Bulz.867957
MAX: malware (ai score=82)
TrendMicro-HouseCall: TROJ_GEN.R03BH09L121
SentinelOne: Static AI – Malicious PE
Fortinet: W64/Bulz.BT!tr
AVG: FileRepMalware

How to remove Bulz.867957 (B)?

Bulz.867957 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
