Tea[.]dll | Triage

Sharing

General

Target

Tea.dll
Size

28KB
MD5

a2c33dbde18d37eacb4391da322dc0cd
SHA1

cdc70a9d59d65071c1a25fd354b366a97d4df81a
SHA256

65c9e596a6aa902dbd0dfa20d3ad9e3227d6a9d5d685f937fc8fe16f6e354168
SHA512

d3683cfb78ffa6b2e7af18b65328fd6e3468916b393df92886f36efa569cbb595bb84998d5711fcc653609da82ef7452c5e63581a38852724a1957f01f8de55d
SSDEEP

768:RfE+QMKzlkADORf87ItGn1vEd4Hupvr/gz:R5btf0XwEupjS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Tea.dll

Files

Tea.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/root/output/1a1a87db-22e9-444f-8a76-7aba71968e26/tea-csharp/Tea-nuget/obj/Release/netstandard2.0/Tea.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ