Should I remove “Babar.270661”?

Babar.270661 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Babar.270661 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Babar.270661?


File Info:

name: 496635FB29D4678CC42A.mlw
path: /opt/CAPEv2/storage/binaries/73f2dc9125f4c48394dc5d3e2c8af00033441c368389d5c79b9b6d3bb92d6f71
crc32: F1C87A40
md5: 496635fb29d4678cc42a558039811642
sha1: 024e9e779609f74d50f6ee1307fbf45f0db7f6e3
sha256: 73f2dc9125f4c48394dc5d3e2c8af00033441c368389d5c79b9b6d3bb92d6f71
sha512: 594037fea9821146abdaa2b42020775e72fec02359d1eea569e7a15e6f849778e9c359f91bb19a861c1d7d8bec72c53a57675603b0c4557784860a4c3d4c7fc6
ssdeep: 6144:76LKgZ9lwqWpRj4VssYZ2zNTISjHHbo0wD+/zZrf+LKoyV:7TqWpoNmgZISjnk05/tbzoy
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1BE74BE10A6E65024F9B3BB79DAF981851A3B7DE11731C1CF0166C5E90F32AE84974BB3
sha3_384: 9d07a20e035489ed53298528a1a5acddee8507d7bfcb3beb22f91e2dbc1af12d4a4e01edd09bbe5d6943037e9c6c1f81
ep_bytes: e8a9050000e96ffeffffccccccccccc3
timestamp: 2019-05-06 20:09:35

Version Info:

Platform: NT
LegalTrademarks: Microsoft SQL Server is a registered trademark of Microsoft Corporation.
Comments: SQL
GoldenBits: True
CompanyName: Microsoft Corporation
FileDescription: SQL External minidumper
FileVersion: 2019.0150.1500.158 ((BI_Main).190506-1918)
InternalName: SqlDumper
LegalCopyright: Microsoft. All rights reserved.
OriginalFilename: SqlDumper.exe
ProductName: Microsoft SQL Server
ProductVersion: 15.0.1500.158
Translation: 0x0409 0x04b0

Babar.270661 also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Babar.270661
FireEye: Generic.mg.496635fb29d4678c
Malwarebytes: Floxif.Virus.FileInfector.DDS
VIPRE: Gen:Variant.Babar.270661
Sangfor: Trojan.Win32.Save.a
Cybereason: malicious.79609f
APEX: Malicious
BitDefender: Gen:Variant.Babar.270661
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:TrojanX-gen [Trj]
Emsisoft: Gen:Variant.Babar.270661 (B)
McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
Trapmine: suspicious.low.ml.score
GData: Gen:Variant.Babar.270661
MAX: malware (ai score=88)
Antiy-AVL: Trojan/Win32.Sabsik
Arcabit: Trojan.Babar.D42145
Microsoft: Trojan:Win32/Wacatac.B!ml
ALYac: Gen:Variant.Doina.63198
Rising: Trojan.Generic@AI.89 (RDML:aHtjgWzwO92jx2LzDO7xOw)
AVG: Win32:TrojanX-gen [Trj]
CrowdStrike: win/malicious_confidence_90% (D)

How to remove Babar.270661?

Babar.270661 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
