Tedy.399254 (B) removal guide

Tedy.399254 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Tedy.399254 (B) virus do?

  • Unconventional language used in binary resources: Polish
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Executable file is packed/obfuscated with Themida
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Tedy.399254 (B)?


File Info:

name: 59769729D1FAD7BBC43A.mlw
path: /opt/CAPEv2/storage/binaries/4e9d6bfde3c7c390d88df34c962c34cd54d75c15d7f11130c43da72695ba9461
crc32: 6BEA12F3
md5: 59769729d1fad7bbc43ae6380ce68907
sha1: ece7710794aa44dc0325dfc71d009648fa16e74c
sha256: 4e9d6bfde3c7c390d88df34c962c34cd54d75c15d7f11130c43da72695ba9461
sha512: 88e242f36478c560b790d7d3815bcdc9f4fbd96ae4bb339dd3cf1aad935d6941f4b15ddc83701140c0c5e1e0375b3b9d7ccbc3ba8e47d934049daf430ec79449
ssdeep: 98304:+h1VW27gN9V3QIk0xxoHnxkv53t6lGQYf/TnYF0cwtIg0WuLGoA:y5AD3QIxxoOvFt6xYf60BSqpr
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11F4633A334413CD4ED37AA75CE3A50809D90DD782C566A04B55F779E8E3938CF3886AB
sha3_384: f4275668b1a07b731f893a27be26e50fdcba2d420bb3cdbf82636e57574d51a09fa298ce2422df01e51fa61fb7a1f0ad
ep_bytes: e84b0100005389e3538b73088b7b10fc
timestamp: 2023-07-11 15:04:31

Version Info:

CompanyName: BOOST - NET
FileDescription: Metin2 Bot
FileVersion: 1.1.0.6
InternalName: HLBot
LegalCopyright: Copyright (C) 2023
OriginalFilename: HLBot.exe
ProductName: HLBot
ProductVersion: 1.1.0.6
Translation: 0x0409 0x04b0

Tedy.399254 (B) also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Tedy.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Tedy.399254
FireEye: Generic.mg.59769729d1fad7bb
McAfee: Artemis!59769729D1FA
Cylance: unsafe
Sangfor: Trojan.Win32.Agent.Vhh5
Cybereason: malicious.794aa4
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
APEX: Malicious
Cynet: Malicious (score: 100)
BitDefender: Gen:Variant.Tedy.399254
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:Malware-gen
Sophos: Generic ML PUA (PUA)
VIPRE: Gen:Variant.Tedy.399254
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Tedy.399254 (B)
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Tedy.399254
Antiy-AVL: Trojan/Win32.PossibleThreat
Arcabit: Trojan.Tedy.D61796
ALYac: Gen:Variant.Tedy.399254
MAX: malware (ai score=89)
TrendMicro-HouseCall: TROJ_GEN.R002H09GF23
Rising: Trojan.Generic@AI.100 (RDML:Awo+3LDCKs4Udj/dq1mWnA)
MaxSecure: Trojan.Malware.214143704.susgen
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Tedy.399254 (B)?

Tedy.399254 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
