Trojan.MSIL.Bulz.J

By CagedTech in Trojans

Threat Scorecard

Popularity Rank:	14,013
Threat Level:	80 % (High)
Infected Computers:	748

First Seen:	September 15, 2021
Last Seen:	October 4, 2025
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Trojan.MSIL.Bulz.J
Signature status:	No Signature

Known Samples

MD5: 54be11213e95f8b31ef11173bd2a0641

SHA1: 417608dc716ba268a2f58298c9cfb6f0fe89a171

SHA256: 6E320A9D57E9D1CADF707C85FD4CAB81744F4AF9A357C71F129EF12DD7298C0E

File Size: 60.93 KB, 60928 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have exports table
File doesn't have security information
File is .NET application
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name	Value
Assembly Version	1.4.0.0
File Version	1.4.0.0
Internal Name	MyNewService.exe
Original Filename	MyNewService.exe
Product Version	1.4.0.0

File Traits

.NET
RijndaelManaged
x86

Block Information

Total Blocks:	93
Potentially Malicious Blocks:	4
Whitelisted Blocks:	45
Unknown Blocks:	44

Visual Map

x 0 0 0 0 0 ? x x ? ? 0 0 0 0 ? ? 0 ? 0 0 ? ? ? ? ? 0 ? ? ? ? 0 0 ? ? ? ? ? 0 0 ? 0 0 0 0 0 ? 0 ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 0 ? 0 0 x 0 ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 ? ? ?

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Registry Modifications

Key::Value	Data	API Name
HKLM\system\controlset001\services\eventlog\dodylog::maxsize		RegNtPreCreateKey
HKLM\system\controlset001\services\eventlog\dodylog::autobackuplogfiles		RegNtPreCreateKey
HKLM\system\controlset001\services\eventlog\dodylog\dodylog::eventmessagefile	C:\Windows\Microsoft.NET\Framework\v4.0.30319\EventLogMessages.dll	RegNtPreCreateKey
HKLM\system\controlset001\services\eventlog\dodylog\dodylogsourse::eventmessagefile	C:\Windows\Microsoft.NET\Framework\v4.0.30319\EventLogMessages.dll	RegNtPreCreateKey

Windows API Usage

Category	API
User Data Access	GetUserDefaultLocaleName GetUserObjectInformation
Service Control	StartServiceCtrlDispatcher

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Trojan.MSIL.Bulz.J

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Visual Map

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Submit Comment

Trending

TechBrowser

Sns Ransomware

Acreed Stealer

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Is Stuck on Gray Screen

Discord Shows Black Screen when Sharing Screen