babylon8_setup.exe

The executable babylon8_setup.exe has been detected as malware by 7 anti-virus scanners. The file has been seen being downloaded from dl2.hamirayane.com.

MD5:
845d201c8ca701e96c5e7e6a8041980e

SHA-1:
9916967e96ff9589acf42d0b1e5e52dc8d7f6af9

SHA-256:
4e254a5c07f0b29c7b818b1df3445b3d69afe59df9b95c46bcbd7c46d36f6aea

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
4/25/2024 4:44:12 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:Malware-gen | 160518-2 |
| Dr.Web | Trojan.DownLoader7.50702 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Worm.MSIL.Grenam | 11.5.0.6191 |
| ESET NOD32 | MSIL/Agent.EF worm | 8.0.319.0 |
| McAfee | Trojan.Dropper-FHU!845D201C8CA7 | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.223.1545.0 |
| Norman | Worm.MSIL.Grenam.A | 28.05.2016 15:32:18 |

File size:
250 KB (256,000 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\babylon8_setup.exe

File PE Metadata
Compilation timestamp:
6/2/2012 4:42:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:DfjEyQam7e2G0PFn0wcccccccceDtHOCvv5BYzY9DGent:ED4vDVOMvYkxht

Entry address:
0x12E48

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Entropy:
6.7596

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
68 KB (69,632 bytes)

The file babylon8_setup.exe has been seen being distributed by the following URL.