
Babar.22494 (B) removal instruction


Babar.22494 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Babar.22494 (B) virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Babar.22494 (B)?


File Info:

name: C5751E10FCB057A89DF5.mlw
path: /opt/CAPEv2/storage/binaries/fdf0fda8d1e56f8a4d09319dc0c430b8335e5d6f68f8c418cd44574170116490
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2051-11-25 12:21:07

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Internet Explorer
FileVersion: 11.00.18362.1
InternalName: iexplore
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: IEXPLORE.EXE
ProductName: Internet Explorer
ProductVersion: 11.00.18362.1
Translation: 0x0409 0x04b0

Babar.22494 (B) also known as:

Lionic: Trojan.Win32.Babar.4!c
FireEye: Gen:Variant.Babar.22494
McAfee: Artemis!C5751E10FCB0
Cylance: Unsafe
K7AntiVirus: Trojan ( 00571b961 )
Alibaba: Trojan:Win32/GenKryptik.eb88ffba
K7GW: Trojan ( 00571b961 )
Cybereason: malicious.0fcb05
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.EUQU
BitDefender: Gen:Variant.Babar.22494
MicroWorld-eScan: Gen:Variant.Babar.22494
Tencent: Win32.Trojan.Babar.Sxxt
Ad-Aware: Gen:Variant.Babar.22494
Emsisoft: Gen:Variant.Babar.22494 (B)
Ikarus: Trojan.Win32.Krypt
GData: Gen:Variant.Babar.22494
Avira: TR/Kryptik.sypsw
Gridinsoft: Ransom.Win32.Gen.sa
Microsoft: Trojan:Win32/Wacatac.B!ml
MAX: malware (ai score=88)
APEX: Malicious
Fortinet: W32/CoinMiner.3E08!tr
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Babar.22494 (B)?

Babar.22494 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
