
Tedy.136192 (file analysis)


Tedy.136192 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Tedy.136192 virus do?

  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Tedy.136192?


File Info:

name: 2A4C1A4F88FDC626851C.mlw
path: /opt/CAPEv2/storage/binaries/eecd996992670ea40258ad89ba45e2a27b711c46696b947723657bbddcf6a955
crc32: 6003E98B
md5: 2a4c1a4f88fdc626851cce82b893d582
sha1: a1139c276e55ac8becf64aacdaa58e638494dba0
sha256: eecd996992670ea40258ad89ba45e2a27b711c46696b947723657bbddcf6a955
sha512: a85082529dfaa1a98ce943bf5d26db3fe14adcc3ccbf859634bf9e0c3d33fd592dec627a528dbdc0fb4cf562bba47e69e93446a83ed571fa59846be265234621
ssdeep: 6144:jDtWHbnvu1IGgJxOCyTBHy3cjNFOQXd3BB6YrQSykF/5jKnqrNHQ9HxsM:PtWHLvuPgJp6Cu/+kF9KnKe9RsM
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B0F4D6DE51C15849CFAF07F00DFBE62E857296C613474BEA732E91F06B620CEA56D4A0
sha3_384: e77def8b310d0fb48502a9bf619404da1b5f14611e13b6f7ca2adddbe15b4cf6e3a00fef8744bbd12d7af159f0f57313
ep_bytes: ff250020400000000000000000000000
timestamp: 2075-01-31 15:16:17

Version Info:

Translation: 0x0409 0x04b0
Comments: Njcidpe
CompanyName: Microsoft Corporation
FileDescription: Network Configuration Objects
FileVersion: 10.0.19041.746 (WinBuild.160101.0800)
InternalName: netcfgx.dll
LegalCopyright: © Microsoft Corporation. All rights reserved.
LegalTrademarks:
OriginalFilename: netcfgx.dll
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.746
Assembly Version: 5.27.81.6

Tedy.136192 is also known as:

Bkav: W32.AIDetectNet.01
Lionic: Trojan.Win32.Ursu.4!c
MicroWorld-eScan: Gen:Variant.Tedy.136192
FireEye: Generic.mg.2a4c1a4f88fdc626
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0058a4ac1 )
Alibaba: Backdoor:MSIL/Androm.06e5e07d
K7GW: Trojan ( 0058a4ac1 )
Cybereason: malicious.f88fdc
Cyren: W32/MSIL_Kryptik.GBM.gen!Eldorado
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Kryptik.ADLB
Paloalto: generic.ml
Kaspersky: HEUR:Backdoor.MSIL.Androm.gen
BitDefender: Gen:Variant.Tedy.136192
Avast: Win32:Trojan-gen
Ad-Aware: Gen:Variant.Tedy.136192
Sophos: Mal/Generic-S
DrWeb: Trojan.Inject4.33426
TrendMicro: TROJ_GEN.R002C0WF622
Emsisoft: Gen:Variant.Tedy.136192 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Tedy.136192
Avira: HEUR/AGEN.1235208
Arcabit: Trojan.Tedy.D21400
ZoneAlarm: HEUR:Backdoor.MSIL.Androm.gen
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
Acronis: suspicious
ALYac: Gen:Variant.Ursu.335044
MAX: malware (ai score=82)
Malwarebytes: Trojan.Crypt.MSIL
TrendMicro-HouseCall: TROJ_GEN.R002C0WF622
Fortinet: MSIL/Kryptik.ADMI!tr
BitDefenderTheta: Gen:NN.ZemsilF.34712.Tm2@a43uOmgi
AVG: Win32:Trojan-gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Tedy.136192?

Tedy.136192 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
