babylontoolbar.dll

Babylon Toolbar

Babylon BHO

This is part of the Babylon web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module babylontoolbar.dll has been detected as adware by 3 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘Babylon toolbar helper’. This will display context specific advertisements in the browser as well as attempt to modify the browser's search provider.
Publisher:
Babylon BHO

Product:
Babylon Toolbar

Version:
1.5.29.0

MD5:
ddfa1fc5db7adc0c8fa137047e1432eb

SHA-1:
65240391d7e05da4ba0488e1d8af4b48e173d385

SHA-256:
9618a5e352853748d42ac2980c55b51c5146a94edc8d14a293432a7bfa9c53fa

Scanner detections:
3 / 68

Status:
Adware

Analysis date:
3/3/2015 11:12:04 PM UTC  (today)

Scan engine
Detection
Engine version

Boost by Reason
Optional.BHO.BabylonBHO.O
188163

Reason Heuristics
PUP.BHO.BabylonBHO.O
14.2.22.1

SUPERAntiSpyware
PUP.BabylonToolbar
10840

File size:
235 KB (240,640 bytes)

Product version:
1.5.29.0

Copyright:
(c) Babylon Ltd. All rights reserved.

File type:
Dynamic link library (Win32 DLL)

Language:
Hebräisch (Israel)

Common path:
C:\Program Files\babylontoolbar\babylontoolbar\1.5.29.1\bh\babylontoolbar.dll

File PE Metadata
Compilation timestamp:
6/26/2012 11:24:12 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:Iym2HI3APErevXX4P5EW5O1h1ujecZh9s7KY3:7JHIQPErevXX4P5vm1ujecZhGl

Entry address:
0x17211

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, BB, 75, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 57, 56, 8B, 75, 0C, 8B, 4D, 10, 8B, 7D, 08, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, A0, 01, 00, 00, 81, F9, 80, 00, 00, 00, 72, 1C, 83, 3D, E0, 8B, 03, 10, 00, 74, 13, 57, 56, 83, E7, 0F, 83, E6, 0F, 3B, FE, 5E, 5F, 75, 05, E9, D2, 77, 00, 00, F7, C7, 03, 00, 00, 00, 75, 14, C1, E9, 02, 83, E2...
 
[+]

Code size:
159 KB (162,816 bytes)

Internet Explorer BHO
Display name:
Babylon toolbar helper

CLSID:
{2EECD738-5844-4a99-B4B6-146BF802613B}


There are 10 known variations of babylontoolbar.dll by Babylon BHO.

4 / 68      (Adware)
babylontoolbar.dll  1.8.24.0  (0d0e153885d1e45021c284eaf831f7840a645602)

2 / 68      (Adware)
babylontoolbar.dll  1.8.22.0  (0c90266dcc215bda9bd74307b54fe1c96614da1c)

5 / 68      (Adware)
babylontoolbar.dll  1.8.7.0  (4177cdaf11607f758f0f61aac99935b2516a3897)

5 / 68      (Adware)
babylontoolbar.dll  1.8.4.0  (c2271fcf31657c532a4ba88cab1ca5804cbba8bf)

5 / 68      (Adware)
babylontoolbar.dll  1.8.3.0  (ead1ee01c0ff5c843913f4aca179569077d3b069)

2 / 68      (Adware)
babylontoolbar.dll  1.8.0.0  (5e0438ac8156c6b4b05f598516409ecbff2599af)

4 / 68      (Adware)
babylontoolbar.dll  1.7.1.0  (bf105294eaa8e802bab7c2be8a8ce74e50db0a56)

5 / 68      (Adware)
babylontoolbar.dll  1.6.9.0  (350d871e6b6ce5bbd923b7b100a7949662651e42)

3 / 68      (Adware)
babylontoolbar.dll  1.6.9.0  (a926d4f53f5f88fc341687644c74c2ffb5a9795a)

2 / 68      (Adware)
babylontoolbar.dll  1.4.15.0  (c16209c7db533ec8f05a280482fdad8bd7e3f66c)

6 / 68      (Adware)
~babylontoolbar.dll  (07dbc56e68a16ca266a113874f1632998c3891dc)

Detection Incidence by Country