
What is “Tedy.61168 (B)”?


Tedy.61168 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Tedy.61168 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Presents an Authenticode digital signature
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

wpad.local-net

How to identify Tedy.61168 (B)?


File Info:

name: 01F9CB1664FC862AD43C.mlw
path: /opt/CAPEv2/storage/binaries/b5ffcd9e3fbb35ed23269f035f1b1f5bb95cc4a76681c5758734c01969748e03
crc32: 401E305E
md5: 01f9cb1664fc862ad43c1c8452e679a7
sha1: 14a57902d451ab7f1dcae44bc7e26fdfae81613e
sha256: b5ffcd9e3fbb35ed23269f035f1b1f5bb95cc4a76681c5758734c01969748e03
sha512: 9f1d31bc1c86b56890cf4fb79827398097dc8cb02fb6976668ac20c18ddb7960a993e9d784548e212a3e4fc0d42e5308bdb05504867436d0d7f24ecc23b62288
ssdeep: 6144:BT2IoJoOYlZZ3X97WTSsdbusLgKGFAWadzmQX37v1bNzyGkLnZ3YCi+s:BroJoO0Z1X96kegKiAWQj7vxNzyGwaL
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1A0C44A51F3E410E8F5B79A35C9728502DAB67C5A1B30DA8F13A4265A1F33BD18D39F22
sha3_384: 1cda1432983d82b725d5bcc24e263b70fab84b2aa3f462b81257eb935c671490fb70a606a66082f2c642e034c9001652
ep_bytes: 4883ec28e87b0500004883c428e97afe
timestamp: 2020-12-09 14:24:12

Version Info:

CompanyName: Oracle Corporation
FileDescription: Java(TM) Web Start Launcher
FileVersion: 11.281.2.09
Full Version: 11.281.2.09
InternalName: Java(TM) Web Start Launcher
LegalCopyright: Copyright © 2020
OriginalFilename: javaws.exe
ProductName: Java(TM) Platform SE 8 U281
ProductVersion: 8.0.2810.9
Translation: 0x0000 0x04b0

Tedy.61168 (B) also known as:

Lionic: Trojan.Win32.Mikey.4!c
MicroWorld-eScan: Gen:Variant.Tedy.61168
FireEye: Gen:Variant.Tedy.61168
ALYac: Gen:Variant.Tedy.61168
Alibaba: Trojan:Win32/Generic.4e285964
Cyren: W64/Mikey.BS.gen!Eldorado
Symantec: Trojan.Gen.MBT
TrendMicro-HouseCall: TROJ_GEN.R002H09KN21
BitDefender: Gen:Variant.Tedy.61168
Avast: Win64:Malware-gen
Ad-Aware: Gen:Variant.Tedy.61168
Emsisoft: Gen:Variant.Tedy.61168 (B)
McAfee-GW-Edition: RDN/Generic.dx
Sophos: Generic PUA BE (PUA)
Ikarus: Trojan.Win32.Rbot
GData: Gen:Variant.Tedy.61168
Antiy-AVL: Trojan/Generic.ASCommon.18B
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
McAfee: RDN/Generic.dx
MAX: malware (ai score=85)
Fortinet: W64/Bulz.9225!tr
Webroot: W32.Trojan.Gen
AVG: Win64:Malware-gen
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Tedy.61168 (B)?

Tedy.61168 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
