What is “Babar.98252”?

Many security experts consider Babar.98252 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Babar.98252 virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Babar.98252?


File Info:

name: 742A1CA4FF704ABF86E0.mlw
path: /opt/CAPEv2/storage/binaries/2c9bedafbf2b3b739f88027c1dc8ca396010b2104cf76ba63b144cc3e03679ac
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2022-09-02 13:15:22

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Displays NIC MAC information
FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
InternalName: GetMac.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: GetMac.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.1
Translation: 0x0409 0x04b0

Babar.98252 also known as:

FireEye: Gen:Variant.Babar.98252
Cylance: Unsafe
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/GenKryptik.FZNB
BitDefender: Gen:Variant.Babar.98252
MicroWorld-eScan: Gen:Variant.Babar.98252
Ad-Aware: Gen:Variant.Babar.98252
Emsisoft: Gen:Variant.Babar.98252 (B)
DrWeb: Trojan.SmokeLoader.29
GData: Gen:Variant.Babar.98252
MAX: malware (ai score=88)
Arcabit: Trojan.Babar.D17FCC
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ALYac: Gen:Variant.Babar.98252
VBA32: BScope.TrojanPSW.RedLine
Rising: Trojan.Kryptik!8.8 (TFE:5:VjxjjwM7beD)

How to remove Babar.98252?

Babar.98252 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
