Buzus.8 removal guide

Buzus.8 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Buzus.8 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the embedded win api malware family
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Buzus.8?


File Info:

name: 283EC6A792CF98D0041B.mlw
path: /opt/CAPEv2/storage/binaries/1fd5aa030c8ea84c955c2a09c885d02d09284d6620d25456c8c74014e6bcda4a
crc32: 99C372A5
md5: 283ec6a792cf98d0041b2e0f31fbba28
sha1: d6ba8b067c1a07b9d5261799f70979eb3ed70951
sha256: 1fd5aa030c8ea84c955c2a09c885d02d09284d6620d25456c8c74014e6bcda4a
sha512: 9a8114a5f5f94c71178586c7f08342173c335424652936b2188647869623f2e85e23ef066cd8118d95684176713fecfbb209c58ef666b0a596af9d34dfd17a28
ssdeep: 768:OZdIE6mCfV1ZXDuT+pxvPDgAiXKZC2p2ng4nGwcsAWq:MpgZXcCvfA2p2nNWsO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15623AD0E8ADB10E3FCD515776DF6B4AB72A48162CC243883D3D138647625D9524FEF2A
sha3_384: ceaf4a98c369b70d9d484045695a499a2c82add996c41a42f109be9f5c335427f5df8e3de7d433703ce69a03a5085448
ep_bytes: 5589e583ec18c7042402000000ff1510
timestamp: 2011-04-26 16:24:16

Version Info:

0: [No Data]

Buzus.8 also known as:

Lionic: Trojan.Win32.Generic.lpN3
AVG: Win32:Agent-AOZU [Trj]
tehtris: Generic.Malware
DrWeb: Trojan.MulDrop2.14996
MicroWorld-eScan: Gen:Variant.Buzus.8
FireEye: Generic.mg.283ec6a792cf98d0
Skyhigh: BehavesLike.Win32.Trojan.pc
McAfee: BackDoor-EZF
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Trojan.Injector.Win32.21814
Sangfor: Suspicious.Win32.Save.a
Alibaba: Backdoor:Win32/Bifrose.01041db6
K7GW: Trojan ( 005325b21 )
K7AntiVirus: Trojan ( 005325b21 )
BitDefenderTheta: AI:Packer.4DB3FECB1E
VirIT: Backdoor.Win32.Bifrose.GC
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Bifrose.NEL
Cynet: Malicious (score: 99)
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.Ceeinject-9818269-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Buzus.8
NANO-Antivirus: Trojan.Win32.Bifrost.qayby
Avast: Win32:Agent-AOZU [Trj]
Tencent: Malware.Win32.Gencirc.10b5f830
Sophos: Mal/Kazy-C
F-Secure: Backdoor.BDS/Bifrose.aezuc
Baidu: Win32.Worm.Autorun.bm
VIPRE: Gen:Variant.Buzus.8
TrendMicro: TROJ_KAZY.SME3
Emsisoft: Gen:Variant.Buzus.8 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan/Buzus.auyl
Webroot: W32.Trojan.Gen
Varist: W32/CeeInject.Q.gen!Eldorado
Avira: BDS/Bifrose.aezuc
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Win32.Refroso
Kingsoft: Win32.Trojan.Generic.a
Microsoft: Backdoor:Win32/Bifrose.AE
Xcitium: TrojWare.Win32.Inject.JRR@4qmc61
Arcabit: Trojan.Buzus.8
ViRobot: Trojan.Win32.A.Buzus.11264.L
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Variant.Buzus.8
Google: Detected
AhnLab-V3: Trojan/Win32.Buzus.R5258
VBA32: Trojan.Bublik
ALYac: Gen:Variant.Buzus.8
TACHYON: Trojan/W32.Small.46333.B
Cylance: unsafe
Panda: Generic Malware
TrendMicro-HouseCall: TROJ_KAZY.SME3
Rising: Trojan.Win32.Fednu.tgr (CLASSIC)
Yandex: Trojan.GenAsa!RkMKfn18lso
Ikarus: Trojan.Win32.Buzus
MaxSecure: Trojan.Malware.2588.susgen
Fortinet: W32/Injector.KSK!tr
Zoner: Trojan.Win32.36684
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Bifrose.NEL

How to remove Buzus.8?

Buzus.8 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.