How to remove “Bulz.899167 (B)”?

The Bulz.899167 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.899167 (B) virus can do?

Sample contains Overlay data
Presents an Authenticode digital signature
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Bulz.899167 (B)?


File Info:
name: F9997D505119772BDA9F.mlw
path: /opt/CAPEv2/storage/binaries/cd52948055d4e154898aa26be349fec3f4be7d1019bc1dbea59e1b5d4eec2f63
crc32: 701FC803
md5: f9997d505119772bda9fe9004bfc2b0c
sha1: b13977a901b98b7d9ad711fa9bf5ae4b8b75fd64
sha256: cd52948055d4e154898aa26be349fec3f4be7d1019bc1dbea59e1b5d4eec2f63
sha512: 704b00210a38d73d717ee07e9005285cef1295cb2a2dbb96a5db7db7878f5359cbb797c90541b86ae7f3e7684144df4c44f452ac12f3d577bac1bda86d98deff
ssdeep: 24576:vE4Qf8Dt3YZ3y78LfUncuzKPgssStPUvgB:Kf8DtoZ/LfUnhKPgssSt2gB
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T178951913ABF894A5F2F76E709EB582505B76BC715E31C24FA290124E4D72AD09E31B33
sha3_384: 9f7442c3470f200a46147747d8bbb5269c653c24f5f1ac3f3876b07aa3372bd9398ade84b25a0cd8ba25374730e7238f
ep_bytes: 4883ec28e88f0200004883c428e99efd
timestamp: 2013-10-08 12:58:51

Version Info:
CompanyName: Oracle Corporation
FileDescription: Java(TM) Platform SE binary
FileVersion: 7.0.450.18
Full Version: 1.7.0_45-b18
InternalName: kinit
LegalCopyright: Copyright © 2013
OriginalFilename: kinit.exe
ProductName: Java(TM) Platform SE 7 U45
ProductVersion: 7.0.450.18
Translation: 0x0000 0x04b0

Bulz.899167 (B) also known as:

Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.899167
FireEye	Generic.mg.f9997d505119772b
CAT-QuickHeal	Trojan.Bulz
McAfee	Artemis!F9997D505119
Malwarebytes	Malware.AI.1415035762
VIPRE	Gen:Variant.Bulz.899167
Sangfor	Trojan.Win32.Save.a
Alibaba	Virus:Win64/Genric.314d6b31
CrowdStrike	win/grayware_confidence_100% (D)
Cyren	W64/Ipamor.W.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
APEX	Malicious
Paloalto	generic.ml
Cynet	Malicious (score: 100)
BitDefender	Gen:Variant.Bulz.899167
Avast	Win64:Malware-gen
Rising	Virus.Undefined!8.23 (CLOUD)
Sophos	Mal/Generic-S
McAfee-GW-Edition	BehavesLike.Win64.RealProtect.th
Emsisoft	Gen:Variant.Bulz.899167 (B)
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.Bulz.899167
Antiy-AVL	GrayWare/Win32.Tampering.3da7
Arcabit	Trojan.Bulz.DDB85F
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
Acronis	suspicious
ALYac	Gen:Variant.Bulz.899167
MAX	malware (ai score=87)
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H0CDN23
Ikarus	Virus.Win32.VB
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W64/Agent.FBB1!tr
AVG	Win64:Malware-gen
DeepInstinct	MALICIOUS

How to remove Bulz.899167 (B)?

Bulz.899167 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X