64def8362443b11284ab0302e07a0e349696b86be9048994c53d38a02779adc7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64def8362443b11284ab0302e07a0e349696b86be9048994c53d38a02779adc7
Size

12KB
MD5

513e5848d488d184d2a3f2e5a689bcb9
SHA1

c504b94a8a387fe2c857b31c55a8cb59b6089db3
SHA256

64def8362443b11284ab0302e07a0e349696b86be9048994c53d38a02779adc7
SHA512

a9e5fe595836da3f86fc70b31bdecde9c90e2e1b654b0465f445101561b0ca5d893e69eb9345fee9c1a26e537976dc28dee58e1d682b1c1f9e44bab49d67866e
SSDEEP

192:eDlRm7PO7DrLwskCQ26+CGKX96+CGKOn9KSvB6J5oMcVFGYrvKJcCdJUHy/8sv:ezJssyjMzYjKJjdD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64def8362443b11284ab0302e07a0e349696b86be9048994c53d38a02779adc7

Files

64def8362443b11284ab0302e07a0e349696b86be9048994c53d38a02779adc7
.dll windows:4 windows x86 arch:x86

631babe8f2ec89f8587f11253ef12f66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

carclw60

CARC__EnterInstance
CARC__ExitInstance
GOL$COPYDATA
GOL$25
GOL$58
CARC__Inspect
GOL$M2
GOL$C2
CARC__StopRun
GOL$A8
GOL$85
GOL$55
GOL$VN_ASCII_SIGN_TABLE
GOL$D5
GOL$M5
GOL$S8
GOL$C8
_CARC__LibraryMain@12

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RCLID_TE
Size: 1024B - Virtual size: 743B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 458B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RCLEP_DA
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ