Bulz.921198 (B) removal tips

The Bulz.921198 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.921198 (B) virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Presents an Authenticode digital signature
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Bulz.921198 (B)?


File Info:
name: C9FB10271DF240F1DA60.mlw
path: /opt/CAPEv2/storage/binaries/4fb001a8a4e5caac264498bf36accd6ef7bca5b0f36b797e813fa2cfc9da6f8b
crc32: 735D7775
md5: c9fb10271df240f1da6080015739ef95
sha1: 070c8c3a086ec4c37991dc61a48e906fbcf5cfa5
sha256: 4fb001a8a4e5caac264498bf36accd6ef7bca5b0f36b797e813fa2cfc9da6f8b
sha512: 93d36cd5dd4948ee4d030f43722e548bd6917e69b570f4fcc8678acbdfb56acb6c2b3406b222c7602a9e5657392a079569fd70517a4090cd99a41e11eb8e9927
ssdeep: 6144:Mvws9usDlIo1bqQ7pjAkcc+kLQkxDGLMWHCq79Zh34UH/ath3E476azh:MvwsTxb8c+WxDGQWH179ZBXH/Em
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1B93551032684E722D5AD26B435E0C1775DD1BDE2482798AA3386BFFEC83BE5197D0325
sha3_384: 998ae1680270ed893e205ce8b2879e5bd76c8a6f2dde5cac7b91b68d22d8c4b92e1a12a1e346d37db9a7c262bac2ee1d
ep_bytes: e8a5060000e974feffff558beceb0dff
timestamp: 2020-12-09 13:07:56

Version Info:
Comments: Java Access Bridge
CompanyName: Oracle Corporation
FileDescription: Java(TM) Platform SE binary
FileVersion: 8.0.2810.9
Full Version: 1.8.0_281-b09
InternalName: jabswitch
LegalCopyright: Copyright © 2020
OriginalFilename: jabswitch.exe
ProductName: Java(TM) Platform SE 8
ProductVersion: 8.0.2810.9
Translation: 0x0409 0x04b0

Bulz.921198 (B) also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Bulz.4!c
MicroWorld-eScan	Gen:Variant.Bulz.921198
FireEye	Gen:Variant.Bulz.921198
McAfee	Artemis!C9FB10271DF2
Cylance	Unsafe
Symantec	ML.Attribute.HighConfidence
TrendMicro-HouseCall	TROJ_GEN.R002H09L821
Paloalto	generic.ml
BitDefender	Gen:Variant.Bulz.921198
Avast	Win32:Malware-gen
Ad-Aware	Gen:Variant.Bulz.921198
Sophos	Generic ML PUA (PUA)
McAfee-GW-Edition	BehavesLike.Win32.CoinMiner.tt
Emsisoft	Gen:Variant.Bulz.921198 (B)
Ikarus	Trojan.Autorun
GData	Gen:Variant.Bulz.921198
Gridinsoft	Ransom.Win32.Gen.sa
Arcabit	Trojan.Bulz.DE0E6E
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Bulz.921198
MAX	malware (ai score=81)
SentinelOne	Static AI – Suspicious PE
Fortinet	PossibleThreat.PALLASNET.H
AVG	Win32:Malware-gen
MaxSecure	Trojan.Malware.121218.susgen

How to remove Bulz.921198 (B)?

Bulz.921198 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X