Should I remove “Babar.224242”?

Babar.224242 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Babar.224242 virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Creates a copy of itself
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Babar.224242?

File Info:

name: B24B238D1C9CEB758ACB.mlw
path: /opt/CAPEv2/storage/binaries/3f29f69930391f2147d5ee172edbdd4689809a1de68f5708196408f15124be3c
crc32: FEB7B0B3
md5: b24b238d1c9ceb758acb6fc66d330d4c
sha1: 08c1a150d2a654d93cc1b9408ec6fee66e51cd7d
sha256: 3f29f69930391f2147d5ee172edbdd4689809a1de68f5708196408f15124be3c
sha512: f39c59e96744020fe535a16b462a77fef476b816099395fb714721663614c3e597aaa3e03621cfb07cbe791d0311b3896ebbe1abb2003e05abd01c739a549b4a
ssdeep: 49152:fafBjc0eeUj/8dhgv8Q9oT7gZGjoJsLR8mU7l3M2Y8cH5ve:faNn4/84v8Q9YRsZ3/YFve
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1D5A5334C70506E6BD971DBBE168DA29AEC179DF73E2B1C80591DB8A9B4BCC35E034843
sha3_384: fb6581fe203c548c00fc5da73070abc19ee811296564d6002ab8236a723e2d0781ee39249de7c893e6be876d37dc79de
ep_bytes: 60be005041008dbe00c0feffc787a040
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Babar.224242 also known as:

Bkav              W32.AIDetectMalware
MicroWorld-eScan  Gen:Variant.Babar.224242
FireEye           Gen:Variant.Babar.224242
Skyhigh           BehavesLike.Win32.BadFile.vc
McAfee            Artemis!B24B238D1C9C
Cylance           unsafe
Sangfor           Trojan.Win32.Agent.Veju
Symantec          Trojan.Gen.2
Elastic           malicious (moderate confidence)
APEX              Malicious
Avast             FileRepMalware [Misc]
BitDefender       Gen:Variant.Babar.224242
F-Secure          Dropper.DR/Delphi.Gen
Emsisoft          Gen:Variant.Babar.224242 (B)
GData             Gen:Variant.Babar.224242
Avira             DR/Delphi.Gen
Arcabit           Trojan.Babar.D36BF2
Cynet             Malicious (score: 100)
ALYac             Gen:Variant.Babar.224242
MAX               malware (ai score=80)
Malwarebytes      Generic.Malware/Suspicious
Rising            Trojan.Win32.Generic.12BBAB3D (C64:YzY0OjsWns6vERGj)
SentinelOne       Static AI – Suspicious PE
AVG               FileRepMalware [Misc]
DeepInstinct      MALICIOUS
CrowdStrike       win/malicious_confidence_70% (D)

How to remove Babar.224242?

Babar.224242 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.