SecuriteInfo[.]com[.]Variant[.]Tedy[.]391406[.]23514[.]12934[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Variant.Tedy.391406.23514.12934.dll
Size

22KB
MD5

d82c75b8b443b1c8ab92cc812588970e
SHA1

5515a61ddc70778165c705f3f7064c7d8494db4a
SHA256

68a6085ee0282eb63672ac98199b85873aa7739785b778734d55b4e5b0753e4a
SHA512

7d34a3787789e2cdc6db8fa00d3cd139a6723f6466f2a15a8d83486788b0e20c6b032346f3e1c26e898edea84ce00b5dd55fb7b416836341ee820ea0c8e6ea8c
SSDEEP

192:pf/UcfLqctyxnsI+gaECeZ5aJewLRsutxFBXgGWqjEvMyALnN7kNt/EGJY9f7+KE:ZkmEmsuPXjW2/NQfEZzDCCtNAOO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Variant.Tedy.391406.23514.12934.dll

Files

SecuriteInfo.com.Variant.Tedy.391406.23514.12934.dll
.dll windows x86

ea8dd1c2ea47cf69f065030ed6a667bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
VirtualProtect
GetModuleHandleA
GetProcAddress
EnumSystemCodePagesW
IsProcessorFeaturePresent

rpcrt4

RpcServerUseAllProtseqs
NdrServerContextNewUnmarshall
NDRSContextUnmarshall
NdrSimpleTypeMarshall
NdrMesTypeEncode
NdrConformantArrayFree

wsnmp32

ord401
ord101
ord106
ord205
ord202
ord999
ord603

mapi32

ord51
ord8
ord36
ord150
ord205

setupapi

SetupDiOpenDevRegKey
SetupDiSetSelectedDriverA
SetupDiGetDeviceInterfaceAlias
SetupInstallServicesFromInfSectionExW
SetupInitDefaultQueueCallback
SetupFindFirstLineW

rtm

MgmReleaseInterfaceOwnership
RtmDeleteRouteTable
MgmDeInitialize
MgmGetNextMfe

urlmon

CoInternetCombineUrl
CopyStgMedium
ObtainUserAgentString
CopyBindInfo
WriteHitLogging
GetClassURL
URLOpenPullStreamW
FindMediaType

Exports

Exports

JKbtgdfd
_AllocateExecutableMemory@4
_AllocateMemory@4
_AllocateReadOnlyMemory@4
_ChangeMemoryProtection@16
_CompareMemory@12
_FindPattern@16
_FreeMemory@4
_GCopyMemory@12
_GFillMemory@12
_GMoveMemory@12
_GZeroMemory@8
_ReadMemory@12
_WriteMemory@12

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea8dd1c2ea47cf69f065030ed6a667bf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

wsnmp32

mapi32

setupapi

rtm

urlmon

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 140B

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 1024B - Virtual size: 576B

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 140B

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 1024B - Virtual size: 576B