SecuriteInfo[.]com[.]Variant[.]Tedy[.]391406[.]28752[.]9200[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Variant.Tedy.391406.28752.9200.dll
Size

10KB
MD5

6f1e8420ba7f5f3c5645b79b39bdbf23
SHA1

9404973a4c9d6193f152d368481b23d44f364f52
SHA256

d0d86b4d778e1f8b305e27406aee1af02343bfb9855bebbffd6d44d1badc3366
SHA512

52615a55e6aa4e6f1d7de0d1bfaa34cdd2c0a40a115f1697efa5324312fd0741e6b4b0640e68fa104ad07f288a7811339bf4e4f5bf4c8857340e7157efa2c09e
SSDEEP

192:26l2zATvBhZ7+5QnIQYe+qfaSd4n12Mu:Nl2z+uiDiSdS2Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Variant.Tedy.391406.28752.9200.dll

Files

SecuriteInfo.com.Variant.Tedy.391406.28752.9200.dll
.dll windows x86

eed76f52bdfc4695e3635fd281dbe35b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnumSystemCodePagesA
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent

winmm

mmioSendMessage
WOW32ResolveMultiMediaHandle
mmioAscend
auxGetNumDevs
timeSetEvent
waveOutGetNumDevs
tid32Message

comdlg32

PageSetupDlgA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameW
GetFileTitleW

crypt32

CertGetCRLFromStore
CryptGetMessageCertificates

resutils

ResUtilGetBinaryProperty
ResUtilResourceTypesEqual
ResUtilStartResourceService
ClusWorkerCheckTerminate
ResUtilStopResourceService

mscms

GetPS2ColorRenderingIntent
SetColorProfileElementSize
GetColorProfileElementTag
DisassociateColorProfileFromDeviceA
SetStandardColorSpaceProfileW

mapi32

ord161
ord21
ord177
ord182
ord171
ord76
ord186
ord200

Exports

Exports

JKbtgdfd
_AllocateExecutableMemory@4
_AllocateMemory@4
_AllocateReadOnlyMemory@4
_ChangeMemoryProtection@16
_CompareMemory@12
_FindPattern@16
_FreeMemory@4
_GCopyMemory@12
_GFillMemory@12
_GMoveMemory@12
_GZeroMemory@8
_ReadMemory@12
_WriteMemory@12

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eed76f52bdfc4695e3635fd281dbe35b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winmm

comdlg32

crypt32

resutils

mscms

mapi32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 12B

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 512B - Virtual size: 400B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 12B

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 512B - Virtual size: 400B