Trojan.Win32.Bublik.fjzk malicious file

Trojan.Win32.Bublik.fjzk is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Bublik.fjzk virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • Anomalous binary characteristics

How to identify Trojan.Win32.Bublik.fjzk?


File Info:

name: D7CBD150DDE36AFC651B.mlw
path: /opt/CAPEv2/storage/binaries/247f85585b095807c6d298c93ecd83700c5772339ff7c12ff4fdbe3aedf3ac55
crc32: E8FDD6AB
md5: d7cbd150dde36afc651b9513de8482d9
sha1: 16d10cd665dff07ecce982032f67c6ba66f44fa8
sha256: 247f85585b095807c6d298c93ecd83700c5772339ff7c12ff4fdbe3aedf3ac55
sha512: 948053281971a9eb2c04eea62f6030c896ca9d183955b2edf607cbe5132b5fd8fdc8670fef7c36c9549fc0f0ec6e0d82f91bad873eea7daedeb81e759e67dec0
ssdeep: 192:bzjLTKaNsd56ZVFpCO0Tf83pC+/IE/hTUoh6HF/:bzH+556Zs7Q3/IEpTUohqt
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T169E2B8FB63ACBCF2CA2B063020F7C64670236255259E068927C131780DF175DE6EDEA1
sha3_384: 7a854657fb37e7062361dc36ec7b8cd81449687e2ed36593b0286cd309b3140bb500398d091695f279dac9c01e36c0c7
ep_bytes: 558bec83c4d46a64686441400033c050
timestamp: 2002-04-27 11:10:45

Version Info:

0: [No Data]

Trojan.Win32.Bublik.fjzk also known as:

FireEye: Generic.mg.d7cbd150dde36afc
CAT-QuickHeal: TrojanDownloader.Upatre.V4
McAfee: Upatre-FAAG!D7CBD150DDE3
Cylance: Unsafe
VIPRE: Trojan.Win32.Upatre.ab (v)
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan-Downloader ( 0048f6391 )
K7AntiVirus: Trojan-Downloader ( 0048f6391 )
Arcabit: Trojan.Upatre.Gen.3
Baidu: Win32.Trojan-Downloader.Waski.a
Cyren: W32/Trojan.NWMD-5060
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanDownloader.Waski.A
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Bublik.fjzk
BitDefender: Trojan.Upatre.Gen.3
NANO-Antivirus: Trojan.Win32.DownLoad3.fapyco
MicroWorld-eScan: Trojan.Upatre.Gen.3
Avast: Win32:Dropper-NWS [Trj]
Tencent: Trojan.Win32.Bublik.cpil
Ad-Aware: Trojan.Upatre.Gen.3
Comodo: TrojWare.Win32.Kryptik.CBXB@5a837k
DrWeb: Trojan.DownLoad3.33354
Zillya: Trojan.Kryptik.Win32.3050122
TrendMicro: TROJ_UPATRE.SM37
Emsisoft: Trojan.Upatre.Gen.3 (B)
Ikarus: Trojan-Spy.Agent
Jiangmin: Trojan/Bublik.gyn
Avira: TR/Crypt.XPACK.Gen
MAX: malware (ai score=86)
Antiy-AVL: Trojan/Generic.ASMalwS.9F142D
Microsoft: TrojanDownloader:Win32/Upatre.AA
GData: Trojan.Upatre.Gen.3
AhnLab-V3: Dropper/Win32.Zbot.R106661
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34212.cq1@aeEIlRgi
ALYac: Trojan.Upatre.Gen.3
VBA32: Trojan.Zbot.1454
Malwarebytes: Malware.AI.3186035322
TrendMicro-HouseCall: TROJ_UPATRE.SM37
Rising: Spyware.Zbot!8.16B (TFE:dGZlOgKttyG28kUXww)
Yandex: Trojan.DL.Waski!47pnaHR2pnk
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Upatre.Gen
Fortinet: W32/Kryptik.GQIX!tr
AVG: Win32:Dropper-NWS [Trj]
Cybereason: malicious.0dde36
Panda: Trj/Zbot.M

How to remove Trojan.Win32.Bublik.fjzk?

Trojan.Win32.Bublik.fjzk removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.