16908344.dll

Uninstall Module

Babylon Ltd.

This is part of the Babylon web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module 16908344.dll, “Uninstall Application” by Babylon has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This will display context specific advertisements in the browser as well as attempt to modify the browser's search provider.
Publisher:
Babylon Ltd.  (signed and verified)

Product:
Uninstall Module

Description:
Uninstall Application

Version:
10.0.2.8

MD5:
bc28e1450be720f53d8731abffc07005

SHA-1:
b676d80a74a52117e42cbbcb5c6f5b63a2f29ccc

SHA-256:
cc3292f05d8bc56ab3ece23400bd7115e526f56aacb5c0e93199ef52a49a2519

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/24/2024 12:12:14 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Babylon (M)
17.3.1.16

File size:
1.1 MB (1,159,168 bytes)

Product version:
10.0.2.8

Copyright:
Copyright © Babylon Ltd. 1997-2013

Original file name:
Uninstbb.exe

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
2/27/2012 12:00:00 AM

Valid to:
3/8/2014 11:59:59 PM

Subject:
CN=Babylon Ltd., O=Babylon Ltd., L=Or-Yehuda, S=Or-Yehuda, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
48C39FBA62460E24E169054FE518E0AF

File PE Metadata
Compilation timestamp:
12/23/2013 2:28:25 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x61E05

Entry point:
E8, D0, B2, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63, FC, FF, E0, 5B, C9, C2, 08, 00, 58, 59, 87, 04, 24, FF, E0, 8B, FF, 55, 8B, EC, 51, 51, 53, 56, 57, 64, 8B, 35, 00, 00, 00, 00, 89, 75, FC, C7, 45, F8, 73, 1E, 46, 00, 6A, 00, FF, 75, 0C, FF, 75, F8, FF, 75, 08, E8, 5F, 59, 01, 00, 8B, 45, 0C, 8B, 40, 04, 83, E0, FD, 8B, 4D, 0C, 89, 41, 04, 64, 8B, 3D...
 
[+]

Code size:
579 KB (592,896 bytes)

Remove 16908344.dll - Powered by Reason Core Security