» ddcyromg.dll
Overview
Analysis
File Details

ddcyromg.dll

The library ddcyromg.dll has been detected as malware by 27 anti-virus scanners.

File name:

ddcyromg.dll

MD5:

795afdd018d3273aa79b595ee8c71be6

SHA-1:

ba30861eae01afb0913bf2b4ed075a7cfa55df49

SHA-256:

6832e9e4a204efdf46b354437e75ed63495f3ff1c52ae760141950f1caed6da4

Scanner detections:

27 / 68

Status:

Malware

Analysis date:

4/29/2024 7:07:04 AM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

Win-Trojan/Monderb.39424.L

5.0.

Avira AntiVirus

TR/Vundo.Gen

7.9.0.204

Emsisoft A-Squared

Trojan.Win32.Monderb!IK

4.5.0.18

avast!

Win32:Trojan-gen {Other}

2014.9-170309

AVG

Vundo

2018.0.2444

Bitdefender

Gen:Trojan.Heur.Vundo.207986A6A6

1.0.20.340

Comodo Security

TrojWare.Win32.Monderb.aost

1538

Dr.Web

Trojan.Virtumod.1465

9.0.1.068

ESET NOD32

Win32/Kryptik.TZ (variant)

11.4211

Fortinet FortiGate

W32/Vundo.W!tr

3/9/2017

F-Prot

W32/Virtumonde.BG.gen

v6.4.4.4.56

F-Secure

Trojan.Win32.Monderb.aost

11.2017-09-03_5

G Data

Gen:Trojan.Heur.Vundo.207986A6A6

17.3.19

IKARUS anti.virus

Trojan.Win32.Monderb

t3scan.1.1.64.0

K7 AntiVirus

Trojan.Win32.Malware.4

13.7.10.782

Kaspersky

Trojan.Win32.Monderb

14.0.0.-1284

McAfee

Vundo.gen.w

5600.6100

Microsoft Security Essentials

Trojan:Win32/Vundo.IG

1.163.1557.0

Norman

W32/Virtumonde.ATWB

11.20170309

nProtect

Trojan/W32.Monderb.39424.S

2009.1.8.0

Panda Antivirus

Generic Trojan

17.03.09.06

Prevx

High Risk Fraudulent Security Program

3.0

Quick Heal

Trojan.Monderb.aolg

3.17.10.00

Sophos

Troj/Virtum-Gen

4.43

Trend Micro

PAK_Generic.001

10.465.09

Vba32 AntiVirus

Trojan.Win32.Monderb.aolg

3.12.10.7

ViRobot

Trojan.Win32.Monder.39424.W

2009.7.2.1816

File size:

38.5 KB (39,424 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\temp\ddcyromg.dll

File PE Metadata

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

Entry address:

0x1142

Entry point:

55, 8B, EC, EB, 3B, 6E, 7A, 60, 7C, 77, 75, 65, 6A, 74, 77, 78, 6D, 66, 73, 6B, 6E, 73, 67, 62, 7F, 62, 67, 64, 66, 7B, 69, 7C, 62, 7E, 74, 6F, 7F, 7E, 70, 6B, 69, 67, 79, 70, 7D, 75, 61, 60, EB, 3D, 64, 73, 7B, 7D, 74, 7A, 69, 78, 78, 75, 62, 78, 64, 6B, EB, EE, 67, 68, 7E, EB, 3F, 65, 69, 6A, 69, 65, 76, 6F, 61, 6E, 61, 7D, 70, 73, 7C, 61, 61, 7E, 6E, 69, 67, 67, 63, 6C, 68, 67, 75, 7C, 71, 6D, 79, 6C, 6A, 74, 7B, 72, 7B, 62, 66, 7E, 7B, EB, D4, 63, 7C, 75, 67, 60, 72, 70, 77, 76, 60, 6D, 7E, 6F, 6B, 75... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

20 KB (20,480 bytes)

Remove ddcyromg.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.