
Tedy.148375 (B) removal

Tedy.148375 (B) is the Emsisoft name for a generic Gen:Variant.Tedy.148375 detection that most of the antivirus engines listed below apply to this sample; several engines classify it more specifically as an NSIS-based injector/dropper or a GuLoader-style downloader. When this infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a full scan and clean your PC during the trial period.
6-day free trial available.

What can Tedy.148375 (B) do?

The following behaviours were recorded when the sample was detonated in a CAPE sandbox:

  • Behavioural detection: executable code extraction (unpacking)
  • YARA rule detections observed from a process memory dump, dropped files or CAPE extractions
  • Presents an Authenticode digital signature
  • Creates RWX memory (writable and executable at the same time, as used for unpacked or injected code)
  • Dynamic (imported) function loading detected (APIs resolved at run time rather than through the import table)
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config

Note that the presence of an Authenticode signature gives no assurance here: the same analysis reports the signature as invalid, so the file should be treated as unsigned. The unpacking, RWX memory and run-time API resolution items together describe a packed loader that decrypts and runs its real payload in memory, which is why the engines below disagree on the family name while agreeing that the file is malicious.

How to identify Tedy.148375 (B)?

File Info (the hashes below can be used as indicators of compromise to identify this exact sample; a repacked variant will have different values):

name: F74ED4FC30BF0E8CC89B.mlw
path: /opt/CAPEv2/storage/binaries/fa56e1fb19fde959868f2a524e3b0ae55e264ac88a3d9b51f7c4add7412b21d9
crc32: CAD47043
md5: f74ed4fc30bf0e8cc89bea45163ec459
sha1: 65866e222cd6bc4796a8c7730ba38f70674aea9c
sha256: fa56e1fb19fde959868f2a524e3b0ae55e264ac88a3d9b51f7c4add7412b21d9
sha512: 44325bade0045996814309753dd6f4092fa935506cbfcaacd54d32c8b2a461e6e903ce8c637d77eb69b65b1867e307ccb867a66deeae28a069796a332b8a1297
ssdeep: 6144:ONeZ3uU35ILcRKVc7irmgvc5Mr6WLoIBYn0Dxu:ONtU35W1+2r+qG0Dxu
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17634024823F4C57AC9D35E30DE70EEE61BEAA92A21585F5F03808F4B3D36752590E366
sha3_384: 3b8eb401cdce2262abfc73a8fa62a267eafe082c910bd069445dabd6f9a76626aa9eb3c2149ad8449c901b4236fe6020
ep_bytes: 558bec81ecf40300005356576a205f33
timestamp: 2021-09-25 21:55:49
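As an added example, not code from the original page or from GridinSoft, the following Python script performs the checks the File Info and behaviour sections imply: it hashes a file and compares the digests with the IOCs listed above, confirms the file is a PE image by walking the MZ/PE headers, and estimates Shannon entropy in fixed windows to corroborate the "encrypted or compressed data" finding. The 256-byte window, the 7.2 bits-per-byte threshold and the sample bytes constructed in main() are assumptions for illustration; the IOC values are copied from the File Info section.

```python
"""Offline triage of a suspected Tedy.148375 (B) sample (added example)."""
import hashlib
import math
import struct
import zlib

# IOC values copied from the page's File Info section.
PAGE_IOCS = {
    "md5": "f74ed4fc30bf0e8cc89bea45163ec459",
    "sha1": "65866e222cd6bc4796a8c7730ba38f70674aea9c",
    "sha256": "fa56e1fb19fde959868f2a524e3b0ae55e264ac88a3d9b51f7c4add7412b21d9",
    "crc32": "cad47043",
}


def file_hashes(data: bytes) -> dict:
    """Lowercase hex digests in the same fields the File Info section lists."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "crc32": "%08x" % (zlib.crc32(data) & 0xFFFFFFFF),
    }


def matching_iocs(data: bytes, iocs: dict = PAGE_IOCS) -> list:
    """Names of IOC fields whose value equals the sample's digest."""
    digests = file_hashes(data)
    return [k for k, v in iocs.items() if digests.get(k) == v.lower()]


def is_pe(data: bytes) -> bool:
    """Cheap PE check: 'MZ' DOS header and e_lfanew pointing at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for constant data, 8.0 for uniform)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def high_entropy_windows(data: bytes, window: int = 256, threshold: float = 7.2) -> list:
    """Offsets of windows whose entropy suggests packed or encrypted content.

    The window size and threshold are assumed values; tune them per sample.
    """
    return [off for off in range(0, len(data), window)
            if entropy(data[off:off + window]) >= threshold]


def triage(data: bytes) -> dict:
    """Combine the checks into one report for a file's bytes."""
    return {
        "is_pe": is_pe(data),
        "hashes": file_hashes(data),
        "ioc_matches": matching_iocs(data),
        "overall_entropy": round(entropy(data), 3),
        "high_entropy_windows": high_entropy_windows(data),
    }


def main():
    # Constructed sample: minimal MZ/PE header, a low-entropy padding region
    # and a high-entropy blob standing in for an encrypted payload.
    header = b"MZ" + b"\x00" * 58 + struct.pack("<I", 64) + b"PE\x00\x00"
    header = header.ljust(256, b"\x00")
    padding = b"A" * 256
    payload = bytes(range(256))
    sample = header + padding + payload
    report = triage(sample)
    print("PE image:", report["is_pe"])
    print("IOC matches:", report["ioc_matches"] or "none (not the listed sample)")
    print("High-entropy windows at:", report["high_entropy_windows"])


if __name__ == "__main__":
    main()
```

Run it against a real file by replacing the constructed bytes with the output of `open(path, "rb").read()`. A hash match against the IOC set is exact identification of this sample; the entropy windows only indicate packing and must be read together with the sandbox behaviours above.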

Version Info (the version resource is filled with random dictionary words rather than a real vendor name, a common trait of the NSIS-based droppers several engines below name; do not rely on these strings to judge the file's origin):

Comments: Needfuls162 bumblebees
CompanyName: afpriknings haandevendingernes
FileDescription: Rudloff Underentreprenrens238
FileVersion: 6.9.8
LegalCopyright: Afmnstrings Perplex42 WINSOMENESS
LegalTrademarks: othellokage unraked Bhlandet
ProductName: OVERRATIONALIZED Tranio Stupa Affine
Translation: 0x0409 0x04b0

Tedy.148375 (B) also known as (antivirus vendor: detection name):

  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Gen:Variant.Tedy.148375
  • FireEye: Gen:Variant.Tedy.148375
  • McAfee: Artemis!F74ED4FC30BF
  • BitDefender: Gen:Variant.Tedy.148375
  • Cyren: W32/Trojan.LKFR-7928
  • ESET-NOD32: NSIS/Injector.ASH
  • Paloalto: generic.ml
  • Kaspersky: HEUR:Trojan-Downloader.Win32.GuLoader.gen
  • Ad-Aware: Gen:Variant.Tedy.148375
  • Ikarus: Trojan.NSIS.Agent
  • McAfee-GW-Edition: Artemis
  • Trapmine: suspicious.low.ml.score
  • Emsisoft: Gen:Variant.Tedy.148375 (B)
  • Microsoft: Trojan:Win32/Wacatac.B!ml
  • GData: Gen:Variant.Tedy.148375
  • ALYac: Gen:Variant.Tedy.148375
  • MAX: malware (ai score=86)
  • Malwarebytes: Trojan.Dropper.NSIS
  • Fortinet: NSIS/Injector.AOW!tr
  • AVG: FileRepMalware [Trj]
  • Avast: FileRepMalware [Trj]

How to remove Tedy.148375 (B)?

Tedy.148375 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings“.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

Because several engines classify this sample as a dropper or downloader (NSIS/Injector, Trojan.Dropper.NSIS, GuLoader) and the sandbox saw it write a long binary value to the registry, quarantining the file listed above may not be the end of the clean-up: after the scan, confirm that no file with the hashes from the File Info section remains on disk and review any additional items the scan reports as dropped files or suspicious registry entries.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
