Babar.66905 malicious file

Malware Removal

Babar.66905 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Babar.66905 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Creates a copy of itself
  • Deletes executed files from disk

How to identify Babar.66905?

File Info:

name: B3B97AD429F7CB8F3792.mlw
path: /opt/CAPEv2/storage/binaries/f2ebc50a81ff1f0363ee90706b28f750f017b650010722be0b50b0e26c9ec8ea
crc32: 0D298E07
md5: b3b97ad429f7cb8f379257d6ad997594
sha1: b884edd23522a7b45e007c44cc7734f247dd1f0b
sha256: f2ebc50a81ff1f0363ee90706b28f750f017b650010722be0b50b0e26c9ec8ea
sha512: 5b63bdd813827ccc99dfe7f823456013e50c73a711775ce94f242155f4bbec147c7a8bc14e0beafe52b763d249e7a020afb6a148c94c9ced25f42c6cf10976a2
ssdeep: 1536:Pd62+FfkeKfMUneMQJxGkkE3v6fhWgRttM0CmuJd4BXKikc6C:Pd6FkQJQ43v6fhtsBbd4M5C
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1FF931208C36B1EB4D9F266B7AAE09ECB7D03A438908DCB0365308A491D513F9DC89F57
sha3_384: ffbddc617117b7a5907c145ce7019a7ca9554c6db36b510dffa91213fb59a2273552e5c7910b81d49628436a96e53f1e
ep_bytes: 68000000005f5301ca5e09d281e9d40e
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Babar.66905 also known as:

  • Lionic: Heuristic.File.Generic.00×1!p
  • tehtris: Generic.Malware
  • DrWeb: Trojan.Packed2.43250
  • MicroWorld-eScan: Gen:Variant.Babar.66905
  • FireEye: Generic.mg.b3b97ad429f7cb8f
  • McAfee: GenericRXAA-FA!B3B97AD429F7
  • Cylance: Unsafe
  • Zillya: Trojan.Kryptik.Win32.3154618
  • Sangfor: Suspicious.Win32.Save.a
  • K7AntiVirus: Trojan ( 0058c5ff1 )
  • Alibaba: Trojan:Win32/Copak.98680cd4
  • K7GW: Trojan ( 0058c5ff1 )
  • Cybereason: malicious.429f7c
  • BitDefenderTheta: Gen:NN.ZexaF.34646.fmZ@aqxLbnk
  • Cyren: W32/Kryptik.DCC.gen!Eldorado
  • Symantec: ML.Attribute.HighConfidence
  • Elastic: malicious (high confidence)
  • ESET-NOD32: a variant of Win32/Kryptik.HITO
  • APEX: Malicious
  • Paloalto: generic.ml
  • ClamAV: Win.Packed.Copak-9853643-0
  • Kaspersky: HEUR:Trojan.Win32.Copak.vho
  • BitDefender: Gen:Variant.Babar.66905
  • NANO-Antivirus: Trojan.Win32.Agent.ixszcw
  • Avast: Win32:Evo-gen [Trj]
  • Tencent: Trojan.Win32.Copak.hb
  • Ad-Aware: Gen:Variant.Babar.66905
  • Comodo: Packed.Win32.MUPX.Gen@24tbus
  • VIPRE: Gen:Variant.Babar.66905
  • McAfee-GW-Edition: BehavesLike.Win32.VirRansom.nc
  • Emsisoft: Gen:Variant.Babar.66905 (B)
  • SentinelOne: Static AI – Malicious PE
  • GData: Gen:Variant.Babar.66905
  • Jiangmin: Trojan.Copak.civ
  • Google: Detected
  • Avira: HEUR/AGEN.1200606
  • MAX: malware (ai score=81)
  • Antiy-AVL: Trojan/Generic.ASBOL.C686
  • Microsoft: Trojan:Win32/Injector.RAQ!MTB
  • Cynet: Malicious (score: 100)
  • AhnLab-V3: Malware/Gen.RL_Reputation.R366732
  • Acronis: suspicious
  • VBA32: BScope.Trojan.Wacatac
  • ALYac: Gen:Variant.Babar.66905
  • Malwarebytes: Spyware.PasswordStealer
  • Rising: Trojan.Kryptik!1.D238 (CLASSIC)
  • Ikarus: Trojan.Kryptik
  • Fortinet: W32/Kryptik.HITO!tr
  • AVG: Win32:Evo-gen [Trj]
  • Panda: Trj/Genetic.gen
  • CrowdStrike: win/malicious_confidence_100% (W)

How to remove Babar.66905?

Babar.66905 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.