About “Tedy.59794” infection

Tedy.59794 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Tedy.59794 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Presents an Authenticode digital signature
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Tedy.59794?


File Info:

name: 3BB3DB293E66736D3A15.mlw
path: /opt/CAPEv2/storage/binaries/4f4231f11f453a114ae72e90b9c728502cbe160042606e94b6837117a9c904a6
crc32: E5C9021E
md5: 3bb3db293e66736d3a15c2a01f322194
sha1: 2cfb314d678818d060adeecf97925e5100521627
sha256: 4f4231f11f453a114ae72e90b9c728502cbe160042606e94b6837117a9c904a6
sha512: 01669b719030379aa022972c458845646e3511f22d8a84e9233cbc2e68e2762c9e2592918ea50c572e5b1797cc54bed86507b5456f7b021e06c2cef68a0856b2
ssdeep: 49152:X3NCUTuh+ZkldoPK8YaIeXzqFExqSjHJ3uTFxhrFzesDUcf2myTp6VPcTT24:tCO2cPK8RHbsDV4
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T144F56A03A29540E9E69AC035DE46E232DB717C5D07F2A5EF32902A563E77AD03B3E711
sha3_384: e29c9ebb4b8fb497a30834732ce87f206724a8719840dd03f0c3387ed9208b0043fafa0c2f7bf9e7d4380d609c891082
ep_bytes: 4883ec28e8130600004883c428e972fe
timestamp: 2020-12-09 14:10:07

Version Info:

CompanyName: Oracle Corporation
FileDescription: Java(TM) Platform SE binary
FileVersion: 8.0.2810.9
Full Version: 1.8.0_281-b09
InternalName: java
LegalCopyright: Copyright © 2020
OriginalFilename: java.exe
ProductName: Java(TM) Platform SE 8
ProductVersion: 8.0.2810.9
Translation: 0x0000 0x04b0

Tedy.59794 is also known as:

Lionic: Trojan.Win32.Tedy.4!c
MicroWorld-eScan: Gen:Variant.Tedy.59794
FireEye: Gen:Variant.Tedy.59794
ALYac: Gen:Variant.Tedy.59794
Cylance: Unsafe
Cybereason: malicious.93e667
Cyren: W64/Agent.DPD.gen!Eldorado
TrendMicro-HouseCall: TROJ_GEN.R002H09L621
Paloalto: generic.ml
BitDefender: Gen:Variant.Tedy.59794
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Tedy.59794
Emsisoft: Gen:Variant.Tedy.59794 (B)
McAfee-GW-Edition: BehavesLike.Win64.Dropper.wh
Sophos: Generic ML PUA (PUA)
GData: Gen:Variant.Tedy.59794
MAX: malware (ai score=84)
Gridinsoft: Ransom.Win64.Sabsik.sa
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
McAfee: Artemis!3BB3DB293E66
SentinelOne: Static AI – Suspicious PE
Fortinet: W64/Agent.D05C!tr
AVG: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_80% (W)

How to remove Tedy.59794?

Tedy.59794 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
