SecuriteInfo[.]com[.]Variant[.]Tedy[.]349310[.]23773[.]24710[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Variant.Tedy.349310.23773.24710.exe
Size

3.7MB
MD5

3ef1d7533a7326e342cd7f8d23fba59e
SHA1

c4642fc4a196f7d177f2b1b1b105fe5f509039fa
SHA256

553759a82e6f5e6b4601ceca89af43194acb1128134c6659a2d9809a6bbf5a2d
SHA512

636b13fc901d92b5ba1e834c33a307a48bd0310b6d657ae906ff908376d566b8275a154455aff38c540aa33cedfb12f0c73fa9552f99c3e52eb52c8237f32da9
SSDEEP

98304:RXK3c1m/dd1TTXPqNXRn0fJavn2pxHZMc4h+obbNT:RXVqd1fq8fQvn2prjUF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Variant.Tedy.349310.23773.24710.exe

Files

SecuriteInfo.com.Variant.Tedy.349310.23773.24710.exe
.exe windows x86

215a4ae286896fe0a1129217f898f7a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
lstrlenA
LocalAlloc
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

shell32

ord524
ord239

ole32

CoInitialize

Sections

.text
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmpM_--
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp$_--
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1_--
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 120KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ