Categories: Malware

Babar.374147 removal tips

The Babar.374147 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Babar.374147 virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Babar.374147?


File Info:
name: E99DE155ACA286DA8824.mlwpath: /opt/CAPEv2/storage/binaries/9276cfd0edf5ed02788c0ef85e4656cfbffd85bd59b57d467257b14ce41d8e4ecrc32: EACB9A4Emd5: e99de155aca286da882441d6ed6da9b5sha1: 2f57ea425a1674cbd71377a2d58c467875c743adsha256: 9276cfd0edf5ed02788c0ef85e4656cfbffd85bd59b57d467257b14ce41d8e4esha512: 8c9d62035e4b9e1ea459fdb134f9f31c04c24386113e15fd05cd150f96f364a7d127b0416ce4f796e3278578a2a6d36408d18e47cdcfd56bf01a3a13b6a82fa3ssdeep: 24576:/EPxzT2fsksx/osYoWd3V2Y1xdfMKFKruwDlwHOj6guN8ZfpzAmHU:/AKsYnl5f9cLVecP7Utype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T11C659E26F5C284B1D75525B094ABA73DEA74DA960F218FC3E3A0DDB82D332E0D537219sha3_384: b4d95507efd402bb8624d1ed1270ca7e9cdb2b42198830e8bac746f64b2f3eca5b40b1dd14b4901613c6a6c2bf837bb3ep_bytes: 558bec6aff68181f530068c44d4e0064timestamp: 2013-04-13 06:44:08
Version Info:
FileVersion: 3.2.4.0FileDescription: 小四自动化程序ProductName: 定制版程序ProductVersion: 3.2.4.0CompanyName: 小四出品LegalCopyright: 小四出品 版权所有 http://xiaosicp.taobao.comComments: 定制的程序对他人或者定制人造成的损失或者引发的纠纷，由定制人承担，程序作者不承担一切由软件及其延伸的后果。Translation: 0x0804 0x04b0

Babar.374147 also known as:

Bkav	W32.AIDetectMalware
tehtris	Generic.Malware
MicroWorld-eScan	Gen:Variant.Babar.374147
ClamAV	Win.Malware.Trojanx-9951053-0
FireEye	Generic.mg.e99de155aca286da
Skyhigh	BehavesLike.Win32.Generic.th
ALYac	Gen:Variant.Babar.374147
Malwarebytes	Generic.Malware.AI.DDS
K7AntiVirus	Trojan ( 005246d51 )
K7GW	Trojan ( 005246d51 )
Cybereason	malicious.25a167
Arcabit	Trojan.Babar.D5B583
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Gen:Variant.Babar.374147
Emsisoft	Gen:Variant.Babar.374147 (B)
VIPRE	Gen:Variant.Babar.374147
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Bingoml.fcc
Google	Detected
Antiy-AVL	Trojan/Win32.FlyStudio.a
Kingsoft	malware.kb.a.962
Xcitium	TrojWare.Win32.Agent.OSCF@5rs7jr
Microsoft	Program:Win32/Wacapew.C!ml
GData	Win32.Trojan.PSE.1FX883P
Varist	W32/Trojan.CLL.gen!Eldorado
MAX	malware (ai score=89)
Cylance	unsafe
Rising	Trojan.Generic@AI.100 (RDML:ya0vT0yFzVD3y/K7G1OMtw)
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Riskware/FlyApplication
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_70% (D)