What is “Babar.44841”?

Babar.44841 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Babar.44841 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Deletes executed files from disk

How to identify Babar.44841?


File Info:

name: 0B0031C446C042CFC77E.mlw
path: /opt/CAPEv2/storage/binaries/b20d9565e0f153e7c83f4eb9014ea37ba21f4ac2114ecb2b04017710bf4b0872
crc32: 909AA469
md5: 0b0031c446c042cfc77e1b4ed51843e4
sha1: e38a5308ce4569ec707a9a60c470969f84c5a5cc
sha256: b20d9565e0f153e7c83f4eb9014ea37ba21f4ac2114ecb2b04017710bf4b0872
sha512: 5d4e911ea9a8f61e902111ed6b975677919b52149ae232cce03b2b2a16674a1682031a43fffb3849ee1fbedfd3e795a2f3955bf0c86baf11484a0571b5d82bcb
ssdeep: 12288:UyIF3m3TGCM1GL8+iDNdRrtvTO8WVxz6hb8g1nAe/am8:UyIhmDGCam8DdLvTO8hBXN/+
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T189B4F1FBD336C47CC02027F85E121A053BDB33A635B796DD95D888B41A5A681F9CE2C6
sha3_384: e6da2570fadd0a47f31292158cd8aa897d4a2872c806bd102f17366d5731548ec1d41143425f7cb300d88cab545e785a
ep_bytes: 558bec83c4c453565733c08945f08945
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: Turn Setup
FileVersion:
LegalCopyright:
ProductName: Turn
ProductVersion: 2.0.1
Translation: 0x0000 0x04b0

Babar.44841 is also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
AVG: Win32:Adware-gen [Adw]
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader27.17667
MicroWorld-eScan: Gen:Variant.Babar.44841
FireEye: Gen:Variant.Babar.44841
ALYac: Gen:Variant.Babar.44841
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Gen:Variant.Babar.44841
Sangfor: Trojan.Win32.Wirzemro.Vdb5
Alibaba: TrojanDownloader:Win32/Wirzemro.eda774e7
CrowdStrike: win/grayware_confidence_90% (W)
BitDefenderTheta: Gen:NN.ZemsilF.36348.xm0@aS5K@4j
Symantec: Trojan.Gen.MBT
ESET-NOD32: multiple detections
Cynet: Malicious (score: 99)
APEX: Malicious
Kaspersky: not-a-virus:HEUR:AdWare.Win32.AdLoad.gen
BitDefender: Gen:Variant.Babar.44841
NANO-Antivirus: Trojan.Win32.HostsPatcher.fgtqgm
SUPERAntiSpyware: PUP.Amonetize/Variant
Avast: Win32:Adware-gen [Adw]
Tencent: Win32.AdWare.Adload.Aplw
Emsisoft: Gen:Variant.Babar.44841 (B)
F-Secure: Heuristic.HEUR/AGEN.1332263
Zillya: Trojan.GenericKD.Win32.145932
TrendMicro: TROJ_GEN.R002C0DGM23
McAfee-GW-Edition: BehavesLike.Win32.ObfuscatedPoly.hc
Sophos: Generic Reputation PUA (PUA)
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Babar.44841
Jiangmin: AdWare.MSIL.lgtn
Webroot: W32.Adware.Gen
Avira: HEUR/AGEN.1332263
MAX: malware (ai score=100)
Antiy-AVL: Trojan/MSIL.Wirzemro
Xcitium: Malware@#2evs3j8vd9p0v
Arcabit: Trojan.Babar.DAF29
ZoneAlarm: not-a-virus:HEUR:AdWare.Win32.AdLoad.gen
Microsoft: Trojan:MSIL/Wirzemro.B
Google: Detected
AhnLab-V3: PUP/Win32.Generic.C2668388
McAfee: Artemis!0B0031C446C0
VBA32: Adware.Presenoker
Cylance: unsafe
Panda: Trj/Downloader.S
TrendMicro-HouseCall: TROJ_GEN.R002C0DGM23
Rising: Trojan.Generic!8.C3 (CLOUD)
Yandex: Trojan.Agent!VChbHs1tooM
Ikarus: Trojan.MSIL.Qhost
MaxSecure: Trojan-Clicker.MSIL.Agent.cngj
Fortinet: W32/Generic.AI!tr
DeepInstinct: MALICIOUS

How to remove Babar.44841?

Babar.44841 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
