Categories: Malware

Bulz.926889 (B) (file analysis)

The Bulz.926889 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Bulz.926889 (B) virus can do?

Authenticode signature is invalid
Anomalous binary characteristics
Binary compilation timestomping detected

How to determine Bulz.926889 (B)?


File Info:
name: C169FA84F7A08086AD3F.mlwpath: /opt/CAPEv2/storage/binaries/7215ae472a36368024a65ec71aac0e37e00f94de01c87f996fd9790a96db4335crc32: FF00E9B1md5: c169fa84f7a08086ad3f952da538192dsha1: 2f800459048ab758d6a79913a32e48360082da47sha256: 7215ae472a36368024a65ec71aac0e37e00f94de01c87f996fd9790a96db4335sha512: ead211900df909c2e833a7e383d84bfc69e083173abe8d9381a69fcdd1fcdcac6c792f045c35b12b9dbe916a9b64acf2d73cf4d25f905493d80b5b38438a3b9assdeep: 98304:C6/HCs9hQ+RYNAKvkTgXuquveY+W2o8oT3ezMrl9cekcHhXh9HJUiWUXsmqsqzlw:PCstmAtype: PE32+ executable (GUI) x86-64, for MS Windowstlsh: T151064912ABEFA662CC7545308F7E96A01660BC901AE1C75B3394BA5DDD3324CB92F713sha3_384: b860b9a20660830d1b12ee5e517ad5ecaf32ceb8ba47688cc3c99b9c6dc9856802f4d7747c6b8e2fa432d9e5bfad1022ep_bytes: 40534883ec20488bd9e88a050000488btimestamp: 2100-03-02 06:33:42
Version Info:
CompanyName: Microsoft CorporationFileDescription: Client Server Runtime ProcessFileVersion: 10.0.17134.1 (WinBuild.160101.0800)InternalName: CSRSS.ExeLegalCopyright: © Microsoft Corporation. All rights reserved.̀: ฀먟঴⇍Ƹ쵌吡楨⁳牰杯慲⁭慣湮瑯戠⁥畲⁮湩䐠协洠摯⹥഍␊:

Bulz.926889 (B) also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.926889
FireEye	Generic.mg.c169fa84f7a08086
McAfee	Artemis!C169FA84F7A0
Malwarebytes	Malware.AI.2797890020
Sangfor	Trojan.Win32.Save.a
Cybereason	malicious.4f7a08
BitDefenderTheta	Gen:NN.ZevbaF.34084.dq0@aSOchTbb
Cyren	W64/Ipamor.CZ.gen!Eldorado
Baidu	Win32.Trojan.VB.t
ClamAV	Win.Malware.Filerepmalware-9883702-0
Kaspersky	UDS:Worm.Win32.AutoRun.vx
BitDefender	Gen:Variant.Bulz.926889
Avast	Win32:VB-FBX
Emsisoft	Gen:Variant.Bulz.926889 (B)
DrWeb	Win32.HLLW.Autoruner.547
Zillya	Worm.AutoRun.Win32.205746
McAfee-GW-Edition	BehavesLike.Win64.Autorun.wm
Sophos	Generic ML PUA (PUA)
Ikarus	Olext.Win32
GData	Gen:Variant.Bulz.926889
Jiangmin	Packed.Krap.gvuf
MAX	malware (ai score=87)
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Bulz.926889
VBA32	Worm.AutoRun
Cylance	Unsafe
Rising	Worm.VB!1.DA3E (CLASSIC)
SentinelOne	Static AI – Malicious PE
Fortinet	W32/Agent.85DB!tr
AVG	Win32:VB-FBX