babylon9_setup.exe

The application babylon9_setup.exe has been detected as a potentially unwanted program by 42 anti-malware scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. The program will display context-specific advertisements in the browser and attempt to modify the browser's search provider.
MD5:
50391ea0c278bfa9200398563fe5e0b7

SHA-1:
6ba9160e1bffe7958309de9fabfbf25c747e8b6a

SHA-256:
9a456ef0200898272a78561cf8811c6646b96b5dbc32450bd254f9f0c74dc4a8

Scanner detections:
42 / 68

Status:
Potentially unwanted

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/24/2024 6:09:48 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Win32.Parite.B | 834
AegisLab AV Signature | W32.Sality | 2.1.4+
Agnitum Outpost | Win32.Parite.B | 7.1.1
AhnLab V3 Security | Win32/Parite | 2014.07.18
Avira AntiVirus | W32/Parite | 7.11.30.172
avast! | Win32:Parite | 2014.9-141024
AVG | Adware Toolbar | 2015.0.3312
Baidu Antivirus | Virus.Win32.Parite.$b | 4.0.3.141024
Bitdefender | Win32.Parite.B | 1.0.20.1485
Bkav FE | W32.Clod8f1.Trojan | 1.3.0.4613
Clam AntiVirus | Heuristics.W32.Parite.B | 0.98/19185
Comodo Security | UnclassifiedMalware | 17579
Dr.Web | Adware.Babylon.15 | 9.0.1.0297
Emsisoft Anti-Malware | Win32.Parite | 8.14.10.24.03
ESET NOD32 | Win32/Toolbar.Babylon.A potentially unwanted application | 8.7.0.302.0
Fortinet FortiGate | W32/Parite.B | 10/24/2014
F-Prot | W32/Parite.B | v6.4.6.5.141
F-Secure | Win32.Parite.B | 11.2014-24-10_6
G Data | Win32.Parite | 14.10.24
IKARUS anti.virus | Virus.Parite | t3scan.1.6.1.0
K7 AntiVirus | Virus | 13.180.12763
Kaspersky | Virus.Win32.Parite | 14.0.0.3054
Malwarebytes | | v2014.10.24.03
McAfee | W32/Pate.b | 5600.6968
Microsoft Security Essentials | Threat.Undefined | 1.179.317.0
MicroWorld eScan | Win32.Parite.B | 15.0.0.891
NANO AntiVirus | Riskware.Win32.Babylon.craswq | 0.28.0.57029
Norman | Pinfi.A | 11.20141024
nProtect | Virus/W32.Parite.C | 14.07.17.01
Panda Antivirus | W32/Parite.B | 14.10.24.03
Qihoo 360 Security | Virus.Win32.Parite.H | 1.0.0.1015
Quick Heal | W32.Perite.A | 10.14.14.00
Reason Heuristics | Threat.Win.Reputation.IMP | 14.10.24.3
Rising Antivirus | PE:Win32.Parite.b!16043 | 23.00.65.141022
Sophos | W32/Parite-B | 4.98
SUPERAntiSpyware | Trojan.Agent/Gen-Nullo[Short] | 10281
Total Defense | Win32/Pinfi.A | 37.0.11065
Trend Micro House Call | HV_ZYX_CB2402E8.TOMC | 7.2.297
Trend Micro | PE_PARITE.A | 10.465.24
Vba32 AntiVirus | Virus.Win32.Parite.b | 3.12.26.3
VIPRE Antivirus | Babylon | 22470
ViRobot | Win32.Parite.A | 2011.4.7.4223

File size:
235.8 KB (241,425 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\babylon9_setup.exe

File PE Metadata
Compilation timestamp:
2/5/2012 7:12:42 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:IMyLdDj7z3emoTjgxXwPwZWEP1T00RvrJfe+JP1iXNl4Vbh7orkpMl6z2FVx2TV0:IMyL1RmMPBfCQPuPSqkO4zSZXtetS

Entry address:
0x1762

Entry point:
55, 8B, EC, 83, E4, F8, 81, EC, 38, 02, 00, 00, A1, 00, 50, 40, 00, 33, C4, 89, 84, 24, 34, 02, 00, 00, 56, 57, 33, FF, 57, FF, 15, 40, 40, 40, 00, 6A, 0A, 8B, F0, 68, E8, 41, 40, 00, 56, FF, 15, 5C, 40, 40, 00, 3B, C7, 74, 16, 50, 8D, 44, 24, 20, 50, 8D, 44, 24, 20, 50, 56, E8, 61, 03, 00, 00, 83, C4, 10, EB, 05, B8, 16, 07, 00, 00, 3B, C7, 0F, 85, BB, 00, 00, 00, 8B, C6, 8D, 4C, 24, 20, 89, 7C, 24, 08, 89, 7C, 24, 0C, 89, 7C, 24, 10, C7, 44, 24, 14, 03, 00, 00, 00, E8, 23, F8, FF, FF, 3B, C7, 0F, 85, 94...

Developed / compiled with:
Microsoft Visual C++

Code size:
12 KB (12,288 bytes)
