BabylonTC.exe

BabylonTC

Ginger Software

The application BabylonTC.exe has been detected as a potentially unwanted program by 2 anti-malware scanners. This file is typically installed with the program Babylon by Babylon Ltd, which is a potentially unwanted software program. The program displays context-specific advertisements in the browser and attempts to modify the browser's search provider. While running, BabylonTC.exe connects to the Internet address ba.gingersoftware.xglobe.net on port 80 using the HTTP protocol.

Publisher:
Ginger Software

Product:
BabylonTC

Version:
1.13.127

MD5:
a1969f518c854d3b1b1e5129a857b06f

SHA-1:
ab80c35d25e136f286b0b3ca12afe0e69b8da016

SHA-256:
a556b142ada7766d19e8f82080b5a139d38a37fcc757f76af4d6d5bcd9589bb3

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 12:44:14 AM UTC

Scan engine        Detection                  Engine version
Boost by Reason    Optional.GingerSoftware.J  188163
Reason Heuristics  PUP.Babylon                16.2.1.13

File size:
2.8 MB (2,898,432 bytes)

Product version:
1.13.127

Copyright:
Copyright (C) 2009

Original file name:
BabylonTC.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\babylon\babylon-pro\tc\babylontc.exe

File PE Metadata
Compilation timestamp:
5/5/2011 11:40:28 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:AAeGHL//DkJo6GUX5KnZtrO6D9DzPfJQsmE7NaPymYT+K081Wk+ZHPt04:VL//KRPMtrO65DzPfn7F70

Entry address:
0x90CE0

Entropy:
7.5291

Code size:
805.5 KB (824,832 bytes)

The file BabylonTC.exe has been discovered within the following programs.

Babylon by Babylon Ltd
Babylon is a computer dictionary and translation program, developed by Babylon Ltd. Babylon's translation software prompts to add the Babylon Toolbar, identified as a browser hijacker. The toolbar also comes bundled as an add-on with other software downloads.
www.babylon.com/products/babylon
67% remove it
 

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ba.gingersoftware.xglobe.net (173.231.152.50:80)

TCP (HTTP):
Connects to www.gingersoftware.xglobe.net (173.231.146.230:80)
