Tedy.239406 (file analysis)

Malware Removal

Tedy.239406 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Tedy.239406 virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the PyInstaller malware family

How to identify Tedy.239406?

File Info:

name: 76633F8160A4B1BA7BDE.mlw
path: /opt/CAPEv2/storage/binaries/b9ad5c22847253f1bade591fd4f974c9bc760371cc17250ba3d3e15168d05355
crc32: 0D0DABDD
md5: 76633f8160a4b1ba7bde10a6dccdad77
sha1: e17de803e1c555a00c23fbaeff4f1a6c5ffe8d5c
sha256: b9ad5c22847253f1bade591fd4f974c9bc760371cc17250ba3d3e15168d05355
sha512: a0052bba53dfa377723c53866d0be631afa04995c4112d18272983d5bfa6ad90b2b5aa6a5de81dc430071f7c8d28b05edc049eaa145f6c47beffb62bb03c9bdf
ssdeep: 98304:Ut8Efozb71QGQCPDbZfzuOqV6lXaNC51Bu3rqkVpKAzXlN3+5PL3F4Z8ve1ahLWa:UtudQmRrdA6lXCy1ArqkVpKCX+PrF4Zk
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T159563350238508F5EDAA52398961CA3EE6E4FC12A360C36B43E07EA73F7B5D16C77641
sha3_384: efc2512171839e57ce2d0d2c593d83c5ce9aa8e63ebe4ccdf887db5aedb0adc81ac598d600296e802b4032d18c6368bc
ep_bytes: 4883ec28e8070500004883c428e97afe
timestamp: 2022-11-20 22:57:55

Version Info:

Comments:
LegalCopyright: Epic Games
CompanyName: Epic Games Corporation
FileDescription: Fortnite
FileVersion: 4.18.1907.16384
ProductVersion: 4.18.1907.16384
InternalName: Epic Games Corporation
LegalTrademarks: Epic Games
OriginalFilename: cheat for Fortnite.exe
ProductName: Fortnite
BuildID: 20210602030101
Translation: 0x0000 0x04b0

Tedy.239406 also known as:

McAfee: BackDoor-NJRat!08088C76225F
VIPRE: Gen:Variant.Tedy.239406
Cybereason: malicious.160a4b
ESET-NOD32: a variant of MSIL/Bladabindi.AS
APEX: Malicious
Kaspersky: HEUR:Trojan.MSIL.Crypt.gen
BitDefender: Gen:Variant.Tedy.239406
MicroWorld-eScan: Gen:Variant.Tedy.239406
Avast: Win32:KeyloggerX-gen [Trj]
Rising: Backdoor.njRAT!1.D4D6 (CLASSIC)
Ad-Aware: Gen:Variant.Tedy.239406
Sophos: Mal/AsyncRat-B
DrWeb: BackDoor.BladabindiNET.9
Zillya: Trojan.Stealer.Win32.29558
McAfee-GW-Edition: BackDoor-NJRat!08088C76225F
FireEye: Generic.mg.76633f8160a4b1ba
Emsisoft: Gen:Variant.Tedy.239406 (B)
Ikarus: Trojan.MSIL.Bladabindi
Jiangmin: Trojan.PSW.Python.iv
MAX: malware (ai score=81)
Arcabit: Trojan.Tedy.D3A72E
GData: Gen:Variant.Tedy.239406
Google: Detected
ALYac: Gen:Variant.Tedy.239406
Fortinet: MSIL/Bladabindi.F!tr
BitDefenderTheta: AI:Packer.A4B4413525
AVG: Win32:KeyloggerX-gen [Trj]
CrowdStrike: win/malicious_confidence_60% (D)

How to remove Tedy.239406?

Tedy.239406 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.