Tedy.217736 malicious file

Malware Removal

Tedy.217736 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Tedy.217736 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Executable file is packed/obfuscated with MPRESS
  • Authenticode signature is invalid
  • CAPE detected the “shellcode get eip” malware family
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Tedy.217736?

File Info:

name: 9E1147B8DE6629C1B8A2.mlw
path: /opt/CAPEv2/storage/binaries/01f228e0b7941eaf07640533f7bf26f6d6826e5bac085440a45423649ec4054f
crc32: AF372718
md5: 9e1147b8de6629c1b8a2fa49fcf305c1
sha1: e1afc15beb2776b41e35cca4b75f59edc46cab62
sha256: 01f228e0b7941eaf07640533f7bf26f6d6826e5bac085440a45423649ec4054f
sha512: 32ff5f82b455b7dec15cf3eef9f68412ee3bdc66cc190b281b19819867c8665d324ae2aad246a2ed9c9fbe9e66934a5c260984d3910ba02b79ee5bc25a044d42
ssdeep: 3072:jK+0mPiuf/Ok+9753fuDkhUKODEl+ENuH+w:jK2q64fuD/U+FH
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T147C3AE94700BBD7BF910EA7C0572BAAA5034ACB4EB53C0356AC4F39F1433592F1D46AA
sha3_384: 4bbffc5bdd4e7de743a3e4210ae77e6a996ca738cade1e9e1fe1eb3e38b7900010309b47025be5c687c386cd0d87fbbf
ep_bytes: 60e80000000058055a0b00008b3003f0
timestamp: 2011-07-12 12:34:39

Version Info:

Translation: 0x0409 0x04b0
CompanyName:
LegalCopyright:
LegalTrademarks:
ProductName:
FileVersion: 88.44.0022
ProductVersion: 88.44.0022
InternalName: ddd
OriginalFilename: ddd.exe

Tedy.217736 is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.VBKrypt.mhnR
Elastic: malicious (high confidence)
DrWeb: BackDoor.Bifrost.21288
MicroWorld-eScan: Gen:Variant.Tedy.217736
Skyhigh: BehavesLike.Win32.Generic.cc
McAfee: Artemis!9E1147B8DE66
Zillya: Trojan.Refroso.Win32.36327
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0052964f1 )
Alibaba: Trojan:Win32/VBKrypt.e545dc52
K7GW: Trojan ( 0052964f1 )
Cybereason: malicious.beb277
BitDefenderTheta: AI:Packer.CD12D52220
VirIT: Trojan.Win32.VB.BCEO
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.EGW
APEX: Malicious
ClamAV: Win.Trojan.Refroso-6120
Kaspersky: Trojan.Win32.VBKrypt.vbmj
BitDefender: Gen:Variant.Tedy.217736
NANO-Antivirus: Trojan.Win32.Refroso.jwzwi
Avast: Win32:GenMalicious-KJI [Trj]
Tencent: Malware.Win32.Gencirc.115069c0
Emsisoft: Gen:Variant.Tedy.217736 (B)
Google: Detected
F-Secure: Trojan.TR/Dropper.Gen
VIPRE: Gen:Variant.Tedy.217736
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.9e1147b8de6629c1
Sophos: Mal/VB-FQD
Ikarus: DoS.Win32.Doraah
GData: Gen:Variant.Tedy.217736
Jiangmin: Trojan/Refroso.anbh
Webroot: W32.Trojan.Gen
Avira: TR/Dropper.Gen
MAX: malware (ai score=96)
Antiy-AVL: Trojan/Win32.Refroso
Kingsoft: malware.kb.b.997
Xcitium: Malware@#1vqawptpj74mt
Arcabit: Trojan.Tedy.D35288
ZoneAlarm: Trojan.Win32.VBKrypt.vbmj
Microsoft: VirTool:Win32/VBInject.UG
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Tedy.217736
VBA32: BScope.Malware-Cryptor.VBCR.2512
Cylance: unsafe
Panda: Generic Malware
Rising: Dropper.Generic!8.35E (CLOUD)
Yandex: Trojan.Refroso!1LXnaOa8KpE
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.2588.susgen
Fortinet: W32/Refroso.DZP!tr
AVG: Win32:GenMalicious-KJI [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Tedy.217736?

Tedy.217736 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.