
Tedy.164711 information

Tedy.164711 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Tedy.164711 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • At least one process apparently crashed during execution
  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Authenticode signature is invalid

How to identify Tedy.164711?

File Info:

name: 364828A1A7C4E86433F1.mlw
path: /opt/CAPEv2/storage/binaries/28a4cef926376154c068c6c54370c3d003f61c75ac3f0126459ba3b357bbcca5
crc32: 90402EA4
md5: 364828a1a7c4e86433f141c374f24086
sha1: b2671b8558e3307b7de20b60cde3c90aca6631c0
sha256: 28a4cef926376154c068c6c54370c3d003f61c75ac3f0126459ba3b357bbcca5
sha512: 3d69f0f21d5050396ff4aaf657ca98a474aad6883d5a77584307dd371df4db7f3c965959ed8ed65a81078d8641033e547d500a8f5ba9ee81d9430793033583af
ssdeep: 12288:Fv3C9hzNvwo/O7mhgFGcjo/08AFnSgGPvGtwB62LGKHsbhOuwfx:FvS9hzNWKhYGc0/DAYgRm6gGPhG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B9C41274B3C5E487DAB100B4D2A3C1A296BDFEB8AD543253B2D1BF7F7C29581D212189
sha3_384: 20f20d4c16b02a8e05476770b07ce0b3140b1b3f1594fdb25ec35c5754da80d61b5ecbcfdf0ad51adc6f15606d1fc288
ep_bytes: 558bec81ec20020000565733ff680180
timestamp: 2021-09-25 21:56:18

Version Info:

Comments: Gentiva Health Services Inc.
CompanyName: Cisco Systems Inc.
FileDescription: Comcast Corp.
FileVersion: 25.26.21
LegalCopyright: Johnson Controls Inc.
LegalTrademarks: NCH Software
ProductName: Southwest Airlines Co
Translation: 0x0409 0x04e4

Tedy.164711 is also known as:

  • Elastic: malicious (high confidence)
  • FireEye: Gen:Variant.Tedy.164711
  • McAfee: Artemis!364828A1A7C4
  • Alibaba: TrojanDownloader:Win32/GuLoader.48628779
  • Cyren: W32/Injector.JDHL-6924
  • ESET-NOD32: NSIS/Injector.ASH
  • APEX: Malicious
  • Kaspersky: HEUR:Trojan-Downloader.Win32.GuLoader.gen
  • BitDefender: Gen:Variant.Tedy.164711
  • MicroWorld-eScan: Gen:Variant.Tedy.164711
  • Avast: NSIS:DropperX-gen [Drp]
  • Ad-Aware: Gen:Variant.Tedy.164711
  • Trapmine: malicious.moderate.ml.score
  • GData: Gen:Variant.Tedy.164711
  • MAX: malware (ai score=88)
  • Microsoft: Trojan:Win32/Wacatac.B!ml
  • Malwarebytes: Trojan.GuLoader
  • AVG: NSIS:DropperX-gen [Drp]

How to remove Tedy.164711?

Tedy.164711 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
