Generic.Ransom.Babuk.C.D9C419AC removal

Generic.Ransom.Babuk.C.D9C419AC is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Ransom.Babuk.C.D9C419AC virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Manipulates data from or to the Recycle Bin
  • Authenticode signature is invalid
  • Exhibits possible ransomware file modification behavior
  • CAPE detected the Babuk malware family
  • Checks for the presence of known devices from debuggers and forensic tools

How to identify Generic.Ransom.Babuk.C.D9C419AC?


File Info:

name: 5AFF6C02F9D607CBC9B5.mlw
path: /opt/CAPEv2/storage/binaries/4a1c3bd4bf4987d57113cd3ec0f955663d51211533d3a556ddf102531ca8a4b7
crc32: 53B8705F
md5: 5aff6c02f9d607cbc9b5a80906fe4fcd
sha1: 9e88688e9715a4da64573af3a909db1d4cf31df4
sha256: 4a1c3bd4bf4987d57113cd3ec0f955663d51211533d3a556ddf102531ca8a4b7
sha512: 678acafff959f9d226ec429ab50ced455ff272755aaa4d9cf7daa994d352dc315a5accf64d0ae9bb62867bd81067c75f9b3e83c4fd440f89e1ccc5b9b3d881e0
ssdeep: 1536:2KG6++mq1sA1jB5g15ijsrQLOJgY8ZZP8LHD4XWaNH71dLdG1iiFM2iG2JyqMsEH:pf++mqOAhB5g1ssrQLOJgY8Zp8LHD4X8
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AA6385116B45E6B6D5912130811BF1B6C23A097003F162A7A7C11BBFFB256B8E27DF27
sha3_384: 6663fcc3bb2181d520ad6264ee6b9ab38ff5ee464d15fc5510a5e864a61e9ccfe6fa2ad8fb7ec898e5602e87171281c6
ep_bytes: 558bec81ec94000000a1a410410033c5
timestamp: 2022-04-19 11:11:38

Version Info:

0: [No Data]

Generic.Ransom.Babuk.C.D9C419AC also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Ransom.Babuk.C.D9C419AC
FireEye: Generic.mg.5aff6c02f9d607cb
CAT-QuickHeal: Ransom.babuk.S23689783
ALYac: Generic.Ransom.Babuk.C.D9C419AC
VIPRE: Generic.Ransom.Babuk.C.D9C419AC
BitDefender: Generic.Ransom.Babuk.C.D9C419AC
Cybereason: malicious.2f9d60
BitDefenderTheta: AI:Packer.1741B3081D
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
ClamAV: Win.Ransomware.Packer-7473772-1
Rising: Trojan.Generic@AI.97 (RDML:fD1Xzd+fIT9eM688atropA)
Ad-Aware: Generic.Ransom.Babuk.C.D9C419AC
Emsisoft: Generic.Ransom.Babuk.C.D9C419AC (B)
McAfee-GW-Edition: BehavesLike.Win32.Upatre.km
SentinelOne: Static AI – Suspicious PE
Jiangmin: Generic.Ransom.b
Avira: TR/Dropper.Gen
MAX: malware (ai score=88)
Microsoft: Ransom:Win32/Babuk.ECCP!MTB
GData: Generic.Ransom.Babuk.C.D9C419AC
Cynet: Malicious (score: 100)
AhnLab-V3: Ransomware/Win.Maze.R473427
McAfee: GenericRXQL-KE!5AFF6C02F9D6
VBA32: BScope.Trojan.Encoder
Malwarebytes: Malware.AI.3155384457
Panda: Trj/GdSda.A
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Babuk.6407!tr.ransom
AVG: Win32:RansomX-gen [Ransom]
Avast: Win32:RansomX-gen [Ransom]
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Generic.Ransom.Babuk.C.D9C419AC?

Generic.Ransom.Babuk.C.D9C419AC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.