33357f3bf9acb134f36ee8dd34cb7b70629c1458a78a605caea74db6f0220619 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33357f3bf9acb134f36ee8dd34cb7b70629c1458a78a605caea74db6f0220619
Size

48KB
MD5

6d5d66d1f988d0f988df19c02ad4ebb9
SHA1

9223d2a429451266265f52fb1e56132cb985108e
SHA256

33357f3bf9acb134f36ee8dd34cb7b70629c1458a78a605caea74db6f0220619
SHA512

961e8fe2c6e31e9d5492ead7f58ec73effcff5d738330db0104e6f3fbb416ec1a5a88f32becf6e0e48bd46ab6157c3257ac34032e6f660460b0db8c0133c51b5
SSDEEP

768:GSHuiJjNwuDGGyGxtyGplQDbXJbAp6Kjjjjjjjj:G3iJjNwelkGplObXJbAdjjjjjjjj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33357f3bf9acb134f36ee8dd34cb7b70629c1458a78a605caea74db6f0220619

Files

33357f3bf9acb134f36ee8dd34cb7b70629c1458a78a605caea74db6f0220619
.dll windows:4 windows x86 arch:x86

a51e8379935305a045539434f9b865a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

carclw60

CARC__EnterInstance
CARC__ExitInstance
CARC__CallUnderflowError
GOL$FILLDATA
GOL$COPYDATA
CARC__GetDynamicCallAddress
CARC__Inspect
GOL$COPYFILL
GOL$58
CARC__StopRun
_CARC__LibraryMain@12

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RCLID_TE
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 382B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RCLEP_DA
Size: 4KB - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 246B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ