SecuriteInfo[.]com[.]Variant[.]Tedy[.]391406[.]23594[.]31231

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Variant.Tedy.391406.23594.31231
Size

10KB
MD5

2e8e103585a4ac49263cdcdcb30d5718
SHA1

8e6a4ad280fc912aa5c9bfe28f991da9eaae8af5
SHA256

8f9efffba7c859c753edb8682b53fea3d39de1a0b199b5cac8e8988bca7c5119
SHA512

ef77c08493f7c546d52786ad52356b2a07551c058ce042419baa3e564e02b5fbdfd71b3a037ea52ee409fabf28ab5223fa667a54ac6428763401f18264c8a7e8
SSDEEP

192:26b2zATvBhZ7+5QnIQYe+qfaSdXIpp12Cu:Nb2z+uiDiSdXc72j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Variant.Tedy.391406.23594.31231

Files

SecuriteInfo.com.Variant.Tedy.391406.23594.31231
.dll windows x86

eed76f52bdfc4695e3635fd281dbe35b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnumSystemCodePagesA
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent

winmm

mmioSendMessage
WOW32ResolveMultiMediaHandle
mmioAscend
auxGetNumDevs
timeSetEvent
waveOutGetNumDevs
tid32Message

comdlg32

PageSetupDlgA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameW
GetFileTitleW

crypt32

CertGetCRLFromStore
CryptGetMessageCertificates

resutils

ResUtilGetBinaryProperty
ResUtilResourceTypesEqual
ResUtilStartResourceService
ClusWorkerCheckTerminate
ResUtilStopResourceService

mscms

GetPS2ColorRenderingIntent
SetColorProfileElementSize
GetColorProfileElementTag
DisassociateColorProfileFromDeviceA
SetStandardColorSpaceProfileW

mapi32

ord161
ord21
ord177
ord182
ord171
ord76
ord186
ord200

Exports

Exports

JKbtgdfd
_AllocateExecutableMemory@4
_AllocateMemory@4
_AllocateReadOnlyMemory@4
_ChangeMemoryProtection@16
_CompareMemory@12
_FindPattern@16
_FreeMemory@4
_GCopyMemory@12
_GFillMemory@12
_GMoveMemory@12
_GZeroMemory@8
_ReadMemory@12
_WriteMemory@12

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eed76f52bdfc4695e3635fd281dbe35b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winmm

comdlg32

crypt32

resutils

mscms

mapi32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 12B

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 512B - Virtual size: 400B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 12B

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 512B - Virtual size: 400B