How to remove “Babar.100210”?

Babar.100210 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Babar.100210 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Babar.100210?


File Info:

name: 2F5E7D19335F9DC2AA9A.mlw
path: /opt/CAPEv2/storage/binaries/59dd772ad38e5c801fbd3b029bde5c913aaa4c525bc29a22c6f4f064aedaa3b7
crc32: 9F18BC30
md5: 2f5e7d19335f9dc2aa9ac03430f4acbc
sha1: 0ba5453036421c3a9b4329e46d9032aff6a7de3f
sha256: 59dd772ad38e5c801fbd3b029bde5c913aaa4c525bc29a22c6f4f064aedaa3b7
sha512: d1999aa812ab58ac3f0353b9bb0b30bb068f51d693b003f1102f8794d2265b08b277aa24935cb965c15dd7d5a760c93461d40339549ea393e9ed4064c67afa06
ssdeep: 49152:/RjO62o8UjTHDlmwfnvU3Bz81+QCRfGVVa+pAFBQrVHiK37:ZimDl1vU3Bz++QCdGVs+pIQpCKr
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T135B5237B8B0589CB67E144EEA7F41209357C9E510FF380BA8B66BE058B681C0CD51FA7
sha3_384: d88a51758b169c06840ed3cc4a15a7097e14984f16ad42a1bfea2a9ae953db7933e8d1414f5008ff2e4dae2a385e8ad3
ep_bytes: 414951595159424a474f525a424a5058
timestamp: 2018-03-22 20:44:51

Version Info:

0: [No Data]

Babar.100210 also known as:

Bkav: W32.AIDetect.malware1
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Babar.100210
FireEye: Generic.mg.2f5e7d19335f9dc2
CAT-QuickHeal: Trojan.Generic.A1
ALYac: Gen:Variant.Babar.100210
Cylance: Unsafe
Zillya: Trojan.Injector.Win32.595497
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 00536d121 )
K7GW: Trojan ( 00536d121 )
Cybereason: malicious.9335f9
Arcabit: Trojan.Babar.D18772
Cyren: W32/Injector.ACA.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Injector.DPAH
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Inject.pef
BitDefender: Gen:Variant.Babar.100210
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:Evo-gen [Trj]
Tencent: Win32.Trojan.Inject.Zwhl
Ad-Aware: Gen:Variant.Babar.100210
Sophos: ML/PE-A + Troj/Inject-IAL
Comodo: TrojWare.Win32.VirRansom.A@7fqw7c
DrWeb: Trojan.DownLoad4.10372
VIPRE: Gen:Variant.Babar.100210
TrendMicro: Mal_MLWR-1
McAfee-GW-Edition: BehavesLike.Win32.VirRansom.vc
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Babar.100210 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.cavqx
Avira: TR/Crypt.XPACK.Gen
MAX: malware (ai score=99)
Antiy-AVL: Trojan/Generic.ASBOL.C659
Microsoft: Trojan:Win32/Occamy.B
GData: Gen:Variant.Babar.100210
Google: Detected
AhnLab-V3: Trojan/Win32.Generic.C2035182
McAfee: Packed-XV!2F5E7D19335F
VBA32: Trojan.Cloxer
Malwarebytes: Malware.Heuristic.1004
TrendMicro-HouseCall: Mal_MLWR-1
Rising: Trojan.Injector!1.AF22 (CLASSIC)
Ikarus: Trojan.Win32.Injector
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Injector.DPAH!tr
BitDefenderTheta: AI:Packer.BC60EF1B1E
AVG: Win32:Evo-gen [Trj]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Babar.100210?

Babar.100210 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
