Babar.41970 removal

Babar.41970 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you scan and clean your PC during the trial period.
6-day free trial available.

What can the Babar.41970 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Deletes executed files from disk

How to identify Babar.41970?


File Info:

name: C0A65436583A9C1CC139.mlw
path: /opt/CAPEv2/storage/binaries/fe003b46de8704a212f8817aabb84b1cbe2139fc1bbad23fbc07722b67b7463a
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Babar.41970 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Heuristic.File.Generic.00x1!p
tehtris: Generic.Malware
DrWeb: Trojan.Packed2.43250
MicroWorld-eScan: Gen:Variant.Babar.41970
FireEye: Generic.mg.c0a65436583a9c1c
ALYac: Gen:Variant.Babar.41970
Cylance: Unsafe
Zillya: Trojan.Injector.Win32.899110
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 004bcce41 )
Alibaba: Trojan:Win32/Injector.101c462d
K7GW: Trojan ( 004bcce41 )
Cybereason: malicious.6583a9
BitDefenderTheta: AI:Packer.E1E88B5E1E
Cyren: W32/Agent.CFZ.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Injector.EAHK
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Babar.41970
Avast: Win32:Evo-gen [Trj]
Tencent: Win32.Trojan.Generic.Bgow
Ad-Aware: Gen:Variant.Babar.41970
Emsisoft: Gen:Variant.Babar.41970 (B)
Comodo: Packed.Win32.MUPX.Gen@24tbus
F-Secure: Trojan.TR/Crypt.ULPM.Gen
VIPRE: Gen:Variant.Babar.41970
TrendMicro: PAK_Xed-10
McAfee-GW-Edition: BehavesLike.Win32.Generic.dc
Sophos: ML/PE-A + Mal/TibsPak
SentinelOne: Static AI - Malicious PE
GData: Gen:Variant.Babar.41970
Google: Detected
Avira: TR/Crypt.ULPM.Gen
MAX: malware (ai score=86)
Antiy-AVL: GrayWare/Win32.Kryptik.ffp
Arcabit: Trojan.Babar.DA3F2
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Injector.RAQ!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.Generic.R370691
Acronis: suspicious
McAfee: GenericRXAA-FA!C0A65436583A
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Trojan.Downloader
TrendMicro-HouseCall: PAK_Xed-10
Rising: Trojan.Kryptik!1.D238 (CLASSIC)
Ikarus: Trojan.Win32.Injector
MaxSecure: Trojan.Malware.7164915.susgen
Fortinet: W32/Kryptik.EAHK!tr
AVG: Win32:Evo-gen [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Babar.41970?

Babar.41970 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
