Malware

What is “Babar.69209”?

Malware Removal

Babar.69209 is flagged as malicious by most major antivirus engines (see the detection names below). When this infection is active, you may notice unfamiliar processes in Task Manager. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. A full scan and cleanup is available during the trial period.
6-day free trial available.

What can Babar.69209 do?

The following static and behavioural signatures were raised by the CAPE sandbox on the sample described below:

  • SetUnhandledExceptionFilter detected (possible anti-debug: a top-level exception filter can be used to detect or derail an attached debugger)
  • Presents an Authenticode digital signature
  • Creates RWX memory (a region that is readable, writable and executable at once, typical of unpacking or self-modifying code)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid (the signature does not verify, so it gives no assurance of origin and is itself a red flag)
  • Anomalous binary characteristics

How to identify Babar.69209?

The hashes and header fields below are taken from the CAPE sandbox report (note the storage path) and can be matched against a suspect file.

File Info:

name: 0BDDE16C034D40CCDC4A.mlw
path: /opt/CAPEv2/storage/binaries/108ce5c0d0bf009c20418f015b986a2430d63bf8a5dee714f9a3ff1b3d860601
crc32: D4851248
md5: 0bdde16c034d40ccdc4a3436c583b907
sha1: 4a3b4246714bbf98c78d45ea34c65b83f75c00ab
sha256: 108ce5c0d0bf009c20418f015b986a2430d63bf8a5dee714f9a3ff1b3d860601
sha512: b75154828dd68016d7f59c538d3fb42cf75f98f0a0437e586d92bcb67309b65d937f458666ce9c3b64e74da9efef2653deffe8d60df289b90c98fb82c51a9d22
ssdeep: 24576:c+qQPbsMJ/kpX3X6bRqdbli07dAthnIb1S0R2hU++/+TthPKf+Q46uQ5p3h3ieqc:c+qQPbsMJ/GnksKhMSY2hUqCqc
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T15BB50A039A8B0E75DDC23BB461CB633B9734EE30CA2A9B7FF609C53559532C5681A742
sha3_384: ad66bc3b42a6fcf079bc5fecf9664c2979286221654c6527a11e49e403167c499d27d593c44b7c0c07c44393d10d203b
ep_bytes: 83ec1cc7042401000000ff150cd35100
timestamp: 2022-06-12 17:40:35

Version Info:

0: [No Data]
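A static triage script, added here as an example (it is not GridinSoft's or CAPE's code). It hashes a file and compares the sha256 against the value listed in File Info above, reads the COFF timestamp and the 16 bytes at the entry point (the ep_bytes field), and applies the two section-table heuristics behind the verdicts in the "What can Babar.69209 do?" list: sections flagged both writable and executable, and section names outside the set a normal compiler emits. The PE image it builds is constructed for the demonstration and is not the real sample; the set of "known" section names and the 16-byte entry-point window are assumptions.

```python
"""Static PE32 triage: hashes vs. listed IOCs, COFF timestamp, entry-point
bytes, and section-table heuristics (RWX sections, non-standard names)."""
import hashlib
import struct
from datetime import datetime, timezone

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
# Assumption: names a stock MSVC/MinGW build emits; anything else hints at a packer.
KNOWN_SECTIONS = {".text", ".rdata", ".data", ".idata", ".edata", ".rsrc",
                  ".reloc", ".bss", ".tls", ".pdata", ".CRT", ".gfids"}
# sha256 from the File Info block on this page.
KNOWN_BAD_SHA256 = {"108ce5c0d0bf009c20418f015b986a2430d63bf8a5dee714f9a3ff1b3d860601"}


def file_hashes(data: bytes) -> dict:
    return {n: hashlib.new(n, data).hexdigest() for n in ("md5", "sha1", "sha256")}


def parse_pe(data: bytes) -> dict:
    """Parse just enough of the DOS/COFF/optional/section headers for triage."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = pe_off + 4
    _machine, nsec, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]   # AddressOfEntryPoint
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i                           # 40-byte section headers
        name, vsize, vaddr, rawsize, rawptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, off)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "vaddr": vaddr,
                         "vsize": vsize, "rawsize": rawsize, "rawptr": rawptr, "chars": chars})
    stamp = datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S")
    return {"timestamp": stamp, "entry_rva": entry_rva, "sections": sections}


def rva_to_offset(pe: dict, rva: int):
    """Map a virtual address to a file offset via the section that contains it."""
    for s in pe["sections"]:
        if s["vaddr"] <= rva < s["vaddr"] + max(s["vsize"], s["rawsize"]):
            return rva - s["vaddr"] + s["rawptr"]
    return None


def triage(data: bytes) -> dict:
    pe = parse_pe(data)
    hashes = file_hashes(data)
    flags = []
    for s in pe["sections"]:
        if s["chars"] & IMAGE_SCN_MEM_EXECUTE and s["chars"] & IMAGE_SCN_MEM_WRITE:
            flags.append(f"RWX section {s['name']!r}")
        if s["name"] not in KNOWN_SECTIONS:
            flags.append(f"unknown section name {s['name']!r} (possible packing)")
    ep_off = rva_to_offset(pe, pe["entry_rva"])
    ep_bytes = data[ep_off:ep_off + 16].hex() if ep_off is not None else None
    if ep_off is None:
        flags.append("entry point lies outside every section")
    return {"hashes": hashes, "ioc_match": hashes["sha256"] in KNOWN_BAD_SHA256,
            "timestamp": pe["timestamp"], "ep_bytes": ep_bytes,
            "sections": [s["name"] for s in pe["sections"]], "flags": flags}


def build_sample_pe() -> bytes:
    """Constructed, minimal PE32 image for the demo (not the real sample): a normal
    .text section plus an RWX section with a made-up name, and the page's
    timestamp and ep_bytes values planted in the headers."""
    ts = int(datetime(2022, 6, 12, 17, 40, 35, tzinfo=timezone.utc).timestamp())
    opt_size = 0xE0
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, ts, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                      # entry point RVA

    def sec(name, vaddr, rawptr, chars):
        return struct.pack("<8sIIIIIIHHI", name, 0x100, vaddr, 0x200, rawptr, 0, 0, 0, 0, chars)

    hdr = (dos + coff + bytes(opt)
           + sec(b".text", 0x1000, 0x200, 0x60000020)             # CODE|EXECUTE|READ
           + sec(b"xyzw", 0x2000, 0x400, 0xE0000040))             # DATA|EXECUTE|READ|WRITE
    img = bytearray(0x600)
    img[:len(hdr)] = hdr
    img[0x200:0x210] = bytes.fromhex("83ec1cc7042401000000ff150cd35100")  # ep_bytes
    return bytes(img)


if __name__ == "__main__":
    for key, value in triage(build_sample_pe()).items():
        print(f"{key}: {value}")
```

To check a real file, pass its contents to `triage()` (for example `triage(open(path, "rb").read())`); an `ioc_match` of `True`, an RWX flag, or a section name outside the known set each match one of the indicators listed for this sample.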

Babar.69209 also known as:

The vendor names below agree on the broad picture: the Kaspersky and ZoneAlarm verdicts (Trojan-Spy ... Stealer) classify the sample as a credential stealer, while the Kryptik names from Cyren, ESET-NOD32 and Fortinet denote a packed or obfuscated trojan, consistent with the packing indicators above.

  • Elastic: malicious (moderate confidence)
  • Cylance: Unsafe
  • Cyren: W32/Kryptik.GTB.gen!Eldorado
  • ESET-NOD32: a variant of Win32/Kryptik.HPFH
  • Kaspersky: HEUR:Trojan-Spy.Win32.Stealer.gen
  • BitDefender: Gen:Variant.Babar.69209
  • MicroWorld-eScan: Gen:Variant.Babar.69209
  • Tencent: Trojan-Psw.Win32.Reline.16000435
  • Ad-Aware: Gen:Variant.Babar.69209
  • Emsisoft: Gen:Variant.Babar.69209 (B)
  • FireEye: Gen:Variant.Babar.69209
  • SentinelOne: Static AI – Suspicious PE
  • GData: Gen:Variant.Babar.69209
  • Arcabit: Trojan.Doris.D2FED
  • ZoneAlarm: HEUR:Trojan-Spy.Win32.Stealer.gen
  • Microsoft: Trojan:Win32/Wacatac.B!ml
  • ALYac: Gen:Variant.Doris.12269
  • MAX: malware (ai score=88)
  • Rising: Stealer.Agent!8.C2 (TFE:dGZlOgVnfBNGBYqyGw)
  • MaxSecure: Trojan.Malware.121218.susgen
  • Fortinet: W32/Kryptik.HPRZ!tr
  • BitDefenderTheta: Gen:NN.ZexaF.34712.u!Z@aCMdPtl

How to remove Babar.69209?

Babar.69209 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and options to reset, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
