Babar.83382 removal instruction

Babar.83382 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Babar.83382 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Babar.83382?


File Info:

name: 8672B4A1B290E28448F8.mlw
path: /opt/CAPEv2/storage/binaries/45c2bce59321975cfdabbf2922d4f53f49291c29017514ff6e81c1eff3c21aec
crc32: CFB6228E
md5: 8672b4a1b290e28448f8814ba4c70ffa
sha1: 474a37d1993d3b95960107c816f5442944654838
sha256: 45c2bce59321975cfdabbf2922d4f53f49291c29017514ff6e81c1eff3c21aec
sha512: 0d253c97dab8b0fb1fe87b3a925a64e1d6c5b396774a4a484abbf8c2480fc3abd15c8ad3d44debf05de61eb802c7d252545b42b931c1743bfd164122a9ffd49e
ssdeep: 3072:XezXlAXPzbhZOKkXGzTAz5tDnVsqu7w8DHFgQmkKigc:XClAfhZOKQEA9squpIkK0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T125040246C7849982DE56AC3055370C062B39AACF177C237316D5FE2B2D363C67E8692E
sha3_384: c3b74a660142c470c048eaadf73bb00856e373e526d09333b70627c87e1b89d2bc98ffee3c038722c7b3cb451e370554
ep_bytes: 60be000043008dbe0010fdff668187ec
timestamp: 2018-08-02 08:43:46

Version Info:

LegalTrademarks: (C) 2007-2015 Avirsa Holding
InternalName: ChinasYoffset
FileDescription: Cmpuserve Stating After Edited
FileVersion: 4.6.5.6
LegalCopyright: (C) 2007-2015 Avirsa Holding
OriginalFilename: ChinasYoffset
CompanyName: Avirsa Holding
ProductName: ChinasYoffset
ProductVersion: 4.6.5.6
Translation: 0x0409 0x04b0

Babar.83382 also known as:

Cynet: Malicious (score: 100)
FireEye: Generic.mg.8672b4a1b290e284
ALYac: Gen:Variant.Babar.83382
Cylance: Unsafe
VIPRE: Gen:Variant.Babar.83382
K7AntiVirus: Trojan-Downloader ( 00536b541 )
K7GW: Trojan-Downloader ( 00536b541 )
Cybereason: malicious.1b290e
Cyren: W32/Trojan.HZQP-5296
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: Win32/TrojanDownloader.Small.AZP
APEX: Malicious
ClamAV: Win.Trojan.CobInt-6699266-0
Kaspersky: VHO:Trojan.Win32.Convagent.gen
BitDefender: Gen:Variant.Babar.83382
NANO-Antivirus: Trojan.Win32.Yakes.fhrrjh
MicroWorld-eScan: Gen:Variant.Babar.83382
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Babar.83382
Emsisoft: Gen:Variant.Babar.83382 (B)
DrWeb: Trojan.Siggen7.54742
Zillya: Trojan.GenericKD.Win32.144052
Trapmine: malicious.moderate.ml.score
Ikarus: Trojan-Ransom.Crysis
GData: Gen:Variant.Babar.83382
Jiangmin: Trojan.Yakes.aalm
Webroot: W32.Trojan.Gen
Avira: HEUR/AGEN.1227707
Antiy-AVL: Trojan/Generic.ASMalwS.24F
Arcabit: Trojan.Babar.D145B6
ViRobot: Trojan.Win32.Agent.163328.V
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Trojan/Win32.Yakes.C2646013
MAX: malware (ai score=84)
VBA32: BScope.TrojanBanker.Fibbit
Malwarebytes: Malware.Heuristic.1003
Tencent: Malware.Win32.Gencirc.114d4d5a
Yandex: Trojan.Yakes!Xl2KFB+NkmM
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
BitDefenderTheta: Gen:NN.ZexaCO.34646.kmMfaawGElmi
AVG: Win32:Malware-gen

How to remove Babar.83382?

Babar.83382 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
