» BabylonIEPI.dll
Overview
Analysis
File Details

BabylonIEPI.dll

Babylon IE Addin

Babylon Ltd.

This is part of the Babylon web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module BabylonIEPI.dll, “Babylon Internet Explorer Addin” by Babylon has been detected as adware by 4 anti-malware scanners. This will display context specific advertisements in the browser as well as attempt to modify the browser's search provider.

File name:

BabylonIEPI.dll

Publisher:

Babylon Ltd. (signed and verified)

Product:

Babylon IE Addin

Description:

Babylon Internet Explorer Addin

Version:

8.0.5.8

MD5:

ba88fb66635914fdd3477c115b1075b1

SHA-1:

82317d84da355821dc42a312f78c4fd53d6baa92

SHA-256:

8c2c88431a01107b46e35fef18fe6bcd912cea50e71b0d1f6d0f9fc36967773c

Scanner detections:

4 / 68

Status:

Adware

Analysis date:

4/27/2024 3:30:03 AM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Adware.Win32.Bbylon

4.0.3.151111

Microsoft Security Essentials

Adware:Win32/Babylon

1.163.1557.0

Norman

Babylon.A

11.20151111

Reason Heuristics

PUP.Babylon (M)

15.11.11.8

File size:

247.7 KB (253,672 bytes)

Product version:

8.0.5.8

Original file name:

BabylonIEPI.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\babylon\setup\babyloniepi.dll

Digital Signature

Signed by:

Babylon Ltd.

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

3/8/2009 8:00:00 PM

Valid to:

3/9/2010 6:59:59 PM

Subject:

CN=Babylon Ltd., OU=SECURE APPLICATION DEVELOPMENT, O=Babylon Ltd., L=Or-Yehuda, S=Or-Yehuda, C=IL

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

76B79B3B3038808496E06B3A6FF3981A

File PE Metadata

Compilation timestamp:

2/9/2010 8:31:58 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

3072:zWBEIbGWo6KKKLcAZ/GspKMGBIbEztAQROJNINt5YCic2y259jMEJDG77:KEIbGWBAVGshLbE5xROLm5YtcAMN

Entry address:

0x19DED

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 3C, 78, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 68, B0, 75, 01, 10, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, BC, 58, 03, 10, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 50, 64, FF, 35... 
[+]

Entropy:

6.2932

Code size:

163.5 KB (167,424 bytes)

Remove BabylonIEPI.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.