About “Babar.273359” infection

Babar.273359 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Babar.273359 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • CAPE extracted potentially suspicious content
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Babar.273359?


File Info:

name: 0D1E2CC5CFEBD1D5056B.mlw
path: /opt/CAPEv2/storage/binaries/2af905fa75b17354857d4f36eae398aa30dcb5d205880d51908615dbc228f062
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2010-06-09 15:47:50

Version Info:

FileVersion: 1.0.0.0
FileDescription: 易语言程序
ProductName: 易语言程序
ProductVersion: 1.0.0.0
LegalCopyright: 作者版权所有 请尊重并使用正版
Comments: 本程序使用易语言编写(http://www.eyuyan.com)
Translation: 0x0804 0x04b0

Babar.273359 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Babar.4!c
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Babar.273359
CAT-QuickHeal: Risktool.Flystudio.17324
McAfee: Artemis!0D1E2CC5CFEB
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 005246d51 )
K7GW: Trojan ( 005246d51 )
CrowdStrike: win/malicious_confidence_100% (D)
Cyren: W32/Trojan.GRW.gen!Eldorado
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX: Malicious
Cynet: Malicious (score: 100)
BitDefender: Gen:Variant.Babar.273359
Emsisoft: Gen:Variant.Babar.273359 (B)
VIPRE: Gen:Variant.Babar.273359
McAfee-GW-Edition: BehavesLike.Win32.HLLP.ch
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.0d1e2cc5cfebd1d5
Sophos: Generic Reputation PUA (PUA)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Babar.273359
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Win32.FlyStudio.a
Arcabit: Trojan.Babar.D42BCF
Microsoft: Trojan:Win32/Wacatac.A!ml
Google: Detected
BitDefenderTheta: Gen:NN.ZexaF.36662.0i3faOVSuyob
ALYac: Gen:Variant.Babar.273359
VBA32: BScope.Trojan.Dynamer
Cylance: unsafe
Panda: Generic Malware
TrendMicro-HouseCall: TROJ_GEN.R002H0CI923
Rising: Malware.Undefined!8.C (TFE:5:yDDHLpEhjaR)
Ikarus: Trojan.Win32.Sasfis
MaxSecure: Dropper.Dinwod.frindll
Fortinet: Riskware/Application
Cybereason: malicious.dc9705
DeepInstinct: MALICIOUS

How to remove Babar.273359?

Babar.273359 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
