How to remove “Babar.150613”?

Babar.150613 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Babar.150613 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Babar.150613?

File Info:

name: 299A690AFEF86F38DF92.mlw
path: /opt/CAPEv2/storage/binaries/4493f2caf5fc2aa0d83e06dff3ef82aa2791aaaf55670b24dfc6b5166f0c5222
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: Program
FileDescription: Prog Setup
FileVersion: 2.8.5.5
LegalCopyright: App internet
ProductName: Prog
ProductVersion: 4.3.1
Translation: 0x0000 0x04b0

Babar.150613 is also known as:

Lionic: Trojan.Win32.Generic.mCDi
MicroWorld-eScan: Gen:Variant.Babar.150613
FireEye: Gen:Variant.Babar.150613
CAT-QuickHeal: PUA.Dmnpartner.Gen
ALYac: Gen:Variant.Babar.150613
Malwarebytes: PUP.Optional.Downloader.DDS
Sangfor: Suspicious.Win32.Save.ins
Alibaba: AdWare:Win32/InstallCore.ffe6bbc8
CrowdStrike: win/grayware_confidence_100% (W)
Arcabit: Trojan.Babar.D24C55
VirIT: PUP.Win32.DMN.A
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/InstallCore.Gen.A potentially unwanted
APEX: Malicious
ClamAV: Win.Malware.Installcore-6954484-0
Kaspersky: not-a-virus:UDS:AdWare.Win32.DealPly.fdyln
BitDefender: Gen:Variant.Babar.150613
NANO-Antivirus: Virus.Win32.Gen.ccmw
SUPERAntiSpyware: PUP.InstallCore/Variant
Avast: Win32:Evo-gen [Trj]
Tencent: Adware.Win32.InstallCore.ka
Sophos: Generic Reputation PUA (PUA)
F-Secure: PotentialRisk.PUA/InstallCore.JF
DrWeb: Trojan.InstallCore.1903
VIPRE: Gen:Variant.Babar.150613
TrendMicro: PAK_Xed-21
McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Babar.150613 (B)
Jiangmin: Downloader.InstallMonster.dc
Google: Detected
Avira: PUA/InstallCore.JF
MAX: malware (ai score=81)
ViRobot: Adware.Installcore.820808.SY
ZoneAlarm: not-a-virus:UDS:AdWare.Win32.DealPly.fdyln
GData: Win32.Application.InstallCore.EU
Cynet: Malicious (score: 100)
AhnLab-V3: Adware/Win.Generic.R560671
McAfee: Artemis!299A690AFEF8
VBA32: BScope.Trojan.InstallCore
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H0CC923
SentinelOne: Static AI – Suspicious PE
MaxSecure: Adware.not-a-virus.WIN32.AdWare.DealPly.gen_188964
Fortinet: W32/Wacatac.B!tr
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Babar.150613?

Babar.150613 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.