Malware

Application.Babar.317720 (B) removal guide

Malware Removal

The Application.Babar.317720 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Application.Babar.317720 (B) virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Application.Babar.317720 (B)?



File Info:

name: 1D2AC365F7D54F5AADCC.mlw
path: /opt/CAPEv2/storage/binaries/784a442d746376719d504bcfcfad5959582a25f12aabbb5bfc6fe3f4cecbf22f
crc32: 3F2E76CE
md5: 1d2ac365f7d54f5aadccefe1a4b6a053
sha1: 6570c872736c4342d71265dc0ac7c39c8710ffd1
sha256: 784a442d746376719d504bcfcfad5959582a25f12aabbb5bfc6fe3f4cecbf22f
sha512: d18d0fb34ddf414f73987d7732c45f7bdac97734d421eac4ac9a751e7e3aea01e35266d7a939284383a18afb8e5a0534605fb576626a187a066668ded876ab4b
ssdeep: 6144:Xlok+jjiSXQhbRtTgjblZ2U5VGJXUv18Uw61:Vok+j3Q1Tydgtz61
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T168948C527901D835E4AA0D310694F76D2319B80AD8539F8732987EEFFFF29E48E21275
sha3_384: 6f1cf75447c9a8f4aa67339a70a7f68ac1c334758f27d342dbf249985999c4c7bf6fca3e1a36d91f287e385e4f293073
ep_bytes: e829060000e981feffff3b0d10804000
timestamp: 2012-09-29 18:43:53


Version Info:

CompanyName: Microsoft Corporation
FileDescription: Microsoft Setup Bootstrapper
FileVersion: 15.0.4420.1017
InternalName: setup.exe
LegalTrademarks1: Microsoft® is a registered trademark of Microsoft Corporation.
LegalTrademarks2: Windows® is a registered trademark of Microsoft Corporation.
OriginalFilename: setup.exe
ProductName: Microsoft Setup Bootstrapper
ProductVersion: 15.0.4420.1017
Translation: 0x0000 0x04e4

Application.Babar.317720 (B) also known as:

BkavW32.AIDetectMalware
Elasticmalicious (high confidence)
DrWebWin32.Beetle.3
MicroWorld-eScanGen:Variant.Application.Babar.317720
FireEyeGeneric.mg.1d2ac365f7d54f5a
SkyhighBehavesLike.Win32.BadFile.gh
McAfeeArtemis!1D2AC365F7D5
Cylanceunsafe
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_90% (D)
AlibabaTrojan:Win32/Senoval.a61ef959
K7GWTrojan ( 005ab4bf1 )
K7AntiVirusTrojan ( 005ab4bf1 )
BitDefenderThetaAI:Packer.4D18E2D01E
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Patched.NKM
APEXMalicious
CynetMalicious (score: 100)
KasperskyVirus.Win32.Senoval.a
BitDefenderGen:Variant.Application.Babar.317720
NANO-AntivirusVirus.Win32.Gen-Crypt.ccnc
AvastWin32:Patched-AWW [Trj]
RisingTrojan.Generic@AI.94 (RDML:0DwSEpMWKSOnxHhcjoruOQ)
EmsisoftGen:Variant.Application.Babar.317720 (B)
F-SecureTrojan.TR/Patched.Gen
VIPREGen:Variant.Application.Babar.317720
Trapminemalicious.high.ml.score
SophosW32/Patched-CD
IkarusTrojan.Win32.Patched
VaristW32/Patched.GQ1.gen!Eldorado
AviraTR/Patched.Gen
Kingsoftmalware.kb.a.962
MicrosoftTrojan:Win32/Convagent.AJ!MTB
ArcabitTrojan.Application.Babar.D4D918
ZoneAlarmVirus.Win32.Senoval.a
GDataGen:Variant.Application.Babar.317720
GoogleDetected
AhnLab-V3Malware/Win.Generic.C5481396
VBA32BScope.TrojanDownloader.Emotet
ALYacGen:Variant.Application.Babar.317720
MAXmalware (ai score=75)
TencentTrojan.Win32.Pathced_ya.16001052
MaxSecureTrojan.Malware.121218.susgen
FortinetW32/Patched.IP!tr
AVGWin32:Patched-AWW [Trj]
DeepInstinctMALICIOUS
alibabacloudVirus:Win/Patched.NHO

How to remove Application.Babar.317720 (B)?

Application.Babar.317720 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment