About “Tedy.527835” infection

The Tedy.527835 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Tedy.527835 virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Tedy.527835?


File Info:
name: 2FC26AC73BB4DC65E7BD.mlw
path: /opt/CAPEv2/storage/binaries/2c00dd1ea6e6a3826eee2db05a52dbf9776fa2e4ef06868c12ba9f7ef298c73f
crc32: F68FDE4B
md5: 2fc26ac73bb4dc65e7bd2f7079af46c7
sha1: 690ae2274b04dd2735d8f67be1736ddcaa60f883
sha256: 2c00dd1ea6e6a3826eee2db05a52dbf9776fa2e4ef06868c12ba9f7ef298c73f
sha512: d5a6ca62e56aed543023b918c903f66f055d00f2c7bb65f8c7f66b7a70cc6cba06b5eb3dd45fc6faf3bc9d0574b27753bcc5a4de6edbe7f8b883a99af019ed8d
ssdeep: 1536:zaib1oNDBE1NPyI/XN0mhdxrP9R3bB5Bg5xxuKTWJS3wcPOkpBLyFpXrinh6rkki:zbb1oThI/XOmhdBPz7ih2jcItfQ
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T19BF35E00E512C07AFAFA41FDCAF78B7DA63C9770578510C7C7E1AAA99B290F1793141A
sha3_384: 8b1af4d279d92c0cec670af5bd6eafb5aa95f5c7e3eb4b0254351e67208ec9f5091a8c15ccb74efbc838993fc4a75e35
ep_bytes: 558bec51c745fc01000000837d0c0075
timestamp: 2017-02-17 12:40:37

Version Info:
0: [No Data]

Tedy.527835 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Gen:Variant.Tedy.527835
FireEye	Generic.mg.2fc26ac73bb4dc65
Skyhigh	BehavesLike.Win32.Infected.cm
McAfee	Artemis!2FC26AC73BB4
Cylance	unsafe
VIPRE	Gen:Variant.Tedy.527835
Sangfor	Trojan.Win32.Agent.Vbjy
K7AntiVirus	Trojan ( 005a81f41 )
K7GW	Trojan ( 005a81f41 )
CrowdStrike	win/malicious_confidence_100% (W)
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Packed.RopProof.A suspicious
APEX	Malicious
BitDefender	Gen:Variant.Tedy.527835
Avast	Win32:Evo-gen [Trj]
Emsisoft	Gen:Variant.Tedy.527835 (B)
Sophos	Generic Reputation PUA (PUA)
GData	Gen:Variant.Tedy.527835
Varist	W32/RopProof.H.gen!Eldorado
Antiy-AVL	Virus/Win32.Expiro.ropf
Kingsoft	malware.kb.a.995
Arcabit	Trojan.Tedy.D80DDB
Microsoft	Program:Win32/Wacapew.C!ml
AhnLab-V3	Trojan/Win.Evo-gen.C5582740
BitDefenderTheta	Gen:NN.ZedlaF.36744.ky4@ayKwghp
ALYac	Gen:Variant.Tedy.527835
MAX	malware (ai score=80)
TrendMicro-HouseCall	TROJ_GEN.R002H09B524
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/Wacatac.B!tr
AVG	Win32:Evo-gen [Trj]
DeepInstinct	MALICIOUS

How to remove Tedy.527835?

Tedy.527835 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X