{ "id": "15b2415c-9818-474e-8efe-a0e4864ee6dd", "created_at": "2026-04-06T00:10:53.938002Z", "updated_at": "2026-04-10T03:32:46.23669Z", "deleted_at": null, "sha1_hash": "812d82de57b60dff6b0b80ed6e221bbef4c94631", "title": "VirusTotal - File - b804ab085f7cf9ee546d586b36ebbeb73f874205b8fae048760dee78375ddf40", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 64925, "plain_text": "SUMMARY DETECTION DETAILS RELATIONS BEHAVIOR COMMUNITY 6\r\nJoin our Community and enjoy additional community insights and crowdsourced detections, plus an\r\nAPI key to automate checks.\r\nPopular\r\nthreat\r\nlabel\r\ntrojan.tedy/nekark Threat categories trojan drop Family labels tedy nekark e\r\nAhnLab-V3 Trojan/Win.Generic.C5755652\r\nAlibaba Trojan:Win64/Nekark.30355fad\r\nAliCloud Trojan:Win/Tedy.Gen\r\nALYac Gen:Variant.Tedy.739823\r\nAntiy-AVL Trojan/Win32.Etset\r\nArcabit Trojan.Tedy.DB49EF\r\nArctic Wolf Unsafe\r\nAvast Win64:MalwareX-gen [Misc]\r\nAVG Win64:MalwareX-gen [Misc]\r\nAvira (no cloud) TR/AD.Nekark.ohzzt\r\nBitDefender Gen:Variant.Tedy.739823\r\nClamAV Win.Dropper.Tedy-10034813-0\r\nCTX Exe.trojan.tedy\r\nDeepInstinct MALICIOUS\r\nDrWeb Trojan.Siggen31.21502\r\nElastic Malicious (moderate Confidence)\r\nEmsisoft Gen:Variant.Tedy.739823 (B)\r\neScan Gen:Variant.Tedy.739823\r\nESET-NOD32 Win64/Agent.FUJ\r\nFortinet W32/PossibleThreat\r\nGData Gen:Variant.Tedy.739823\r\nGoogle Detected\r\nHuorong Trojan/Agent.bul\r\nIkarus Trojan.Win64.Agent\r\nSecurity vendors' analysis Do you want to automate checks?\r\nb804ab085f7cf9ee546d586b36ebbeb73f87420 Sign in Sign up\r\nWe use cookies and related technologies to remember user preferences, for security, to\r\nanalyse our traffic, and to enable website functionality. Learn more about cookies in our\r\nPrivacy Notice. Ok\r\nhttps://www.virustotal.com/gui/file/b804ab085f7cf9ee546d586b36ebbeb73f874205b8fae048760dee78375ddf40\r\nPage 1 of 3\n\nJiangmin Trojan.Tedy.bn\r\nK7AntiVirus Trojan ( 005c63451 )\r\nK7GW Trojan ( 005c63451 )\r\nLionic Trojan.Win32.Nekark.4!c\r\nMalwarebytes Malware.AI.4283727895\r\nMaxSecure Trojan.Malware.222663135.susgen\r\nMcAfee Scanner Ti!B804AB085F7C\r\nMicrosoft Trojan:Win32/Etset!rfn\r\nPalo Alto Networks Generic.ml\r\nPanda Trj/Chgt.AD\r\nQuickHeal Trojan.Ghanarava.1752313494ee44d4\r\nRising Dropper.Agent!1.1279F (CLASSIC)\r\nSangfor Engine Zero Trojan.Win32.Agent.Vrm3\r\nSophos Mal/Generic-S\r\nSymantec ML.Attribute.HighConfidence\r\nTencent Malware.Win32.Gencirc.144945a3\r\nTrellix ENS Artemis!8E4051967CB0\r\nTrendMicro-HouseCall TROJ_GEN.R002H09DG25\r\nVarist W64/ABTrojan.NVDZ-7160\r\nVIPRE Gen:Variant.Tedy.739823\r\nVirIT Trojan.Win64.Agent.IAP\r\nViRobot Trojan.Win.Z.Tedy.3674624\r\nWithSecure Trojan.TR/AD.Nekark.ohzzt\r\nXcitium Malware@#2ewxqksem85yt\r\nZillya Trojan.Agent.Win64.86278\r\nAcronis (Static ML) Undetected\r\nBaidu Undetected\r\nBkav Pro Undetected\r\nCMC Undetected\r\nCrowdStrike Falcon Undetected\r\nCynet Undetected\r\nGridinsoft (no cloud) Undetected\r\nKaspersky Undetected\r\nKingsoft Undetected\r\nNANO-Antivirus Undetected\r\nSecureAge Undetected\r\nSentinelOne (Static ML) Undetected\r\nSkyhigh (SWG) Undetected\r\nSign in Sign up\r\nWe use cookies and related technologies to remember user preferences, for security, to\r\nanalyse our traffic, and to enable website functionality. Learn more about cookies in our\r\nPrivacy Notice. Ok\r\nhttps://www.virustotal.com/gui/file/b804ab085f7cf9ee546d586b36ebbeb73f874205b8fae048760dee78375ddf40\r\nPage 2 of 3\n\nSUPERAntiSpyware Undetected\r\nTACHYON Undetected\r\nTEHTRIS Undetected\r\nTrapmine Undetected\r\nTrendMicro Undetected\r\nVBA32 Undetected\r\nWebroot Undetected\r\nYandex Undetected\r\nZoneAlarm by Check Point Undetected\r\nZoner Undetected\r\nAvast-Mobile Unable to process file type\r\nBitDefenderFalx Unable to process file type\r\nSymantec Mobile Insight Unable to process file type\r\nTrustlook Unable to process file type\r\nSign in Sign up\r\nWe use cookies and related technologies to remember user preferences, for security, to\r\nanalyse our traffic, and to enable website functionality. Learn more about cookies in our\r\nPrivacy Notice. Ok\r\nhttps://www.virustotal.com/gui/file/b804ab085f7cf9ee546d586b36ebbeb73f874205b8fae048760dee78375ddf40\r\nPage 3 of 3", "extraction_quality": 1, "language": "EN", "sources": [ "Malpedia" ], "references": [ "https://www.virustotal.com/gui/file/b804ab085f7cf9ee546d586b36ebbeb73f874205b8fae048760dee78375ddf40" ], "report_names": [ "b804ab085f7cf9ee546d586b36ebbeb73f874205b8fae048760dee78375ddf40" ], "threat_actors": [ { "id": "3fff98c9-ad02-401d-9d4b-f78b5b634f31", "created_at": "2023-01-06T13:46:38.376868Z", "updated_at": "2026-04-10T02:00:02.949077Z", "deleted_at": null, "main_name": "Cleaver", "aliases": [ "G0003", "Operation Cleaver", "Op Cleaver", "Tarh Andishan", "Alibaba", "TG-2889", "Cobalt Gypsy" ], "source_name": "MISPGALAXY:Cleaver", "tools": [], "source_id": "MISPGALAXY", "reports": null } ], "ts_created_at": 1775434253, "ts_updated_at": 1775791966, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/812d82de57b60dff6b0b80ed6e221bbef4c94631.pdf", "text": "https://archive.orkl.eu/812d82de57b60dff6b0b80ed6e221bbef4c94631.txt", "img": "https://archive.orkl.eu/812d82de57b60dff6b0b80ed6e221bbef4c94631.jpg" } }