sakula | 157140c67714004565b64565c16d691444e9523d12a566254be7dd944db3f204

Sharing

Copy URL Twitter E-mail

General

Target

157140c67714004565b64565c16d691444e9523d12a566254be7dd944db3f204
Size

4.8MB
MD5

3fc7e44ab22bf47d21dbdfcd1205f5ab
SHA1

0c587528a71fb8f232a83d8d1a89620e6d23ea5b
SHA256

157140c67714004565b64565c16d691444e9523d12a566254be7dd944db3f204
SHA512

698f9df43c15598c366fa5f75e9cf4379e6ca1204c98047652abc4638fc6a104078059b432cde3116c42b5aa1b8de62eb7d6e7ba67358f3848f30064187dc0e9
SSDEEP

6144:k0U6u+30BE4rsgzLJTLJuoLJ1JMLJ1JEJGLJ1JEJqLJ1JEJtJFLJ1JEJtJ2LJ1JB:k0U6vU

Score

10^/10

sakula

Malware Config

Signatures

Sakula family
sakula

Sakula payload 1 IoCs

resource	yara_rule
sample	family_sakula

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
157140c67714004565b64565c16d691444e9523d12a566254be7dd944db3f204

Files

157140c67714004565b64565c16d691444e9523d12a566254be7dd944db3f204
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

new_imp
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

new_imp
Size: 116KB - Virtual size: 117KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 4KB - Virtual size: 3KB

new_imp Size: 6KB - Virtual size: 6KB

new_imp Size: 6KB - Virtual size: 6KB

new_imp Size: 6KB - Virtual size: 6KB

new_imp Size: 6KB - Virtual size: 6KB

new_imp Size: 8KB - Virtual size: 8KB

new_imp Size: 13KB - Virtual size: 13KB

new_imp Size: 14KB - Virtual size: 14KB

new_imp Size: 15KB - Virtual size: 15KB

new_imp Size: 16KB - Virtual size: 16KB

new_imp Size: 17KB - Virtual size: 17KB

new_imp Size: 18KB - Virtual size: 18KB

new_imp Size: 19KB - Virtual size: 19KB

new_imp Size: 19KB - Virtual size: 19KB

new_imp Size: 20KB - Virtual size: 20KB

new_imp Size: 20KB - Virtual size: 20KB

new_imp Size: 21KB - Virtual size: 21KB

new_imp Size: 24KB - Virtual size: 24KB

new_imp Size: 24KB - Virtual size: 24KB

new_imp Size: 27KB - Virtual size: 27KB

new_imp Size: 29KB - Virtual size: 29KB

new_imp Size: 30KB - Virtual size: 30KB

new_imp Size: 31KB - Virtual size: 31KB

new_imp Size: 31KB - Virtual size: 31KB

new_imp Size: 32KB - Virtual size: 32KB

new_imp Size: 35KB - Virtual size: 35KB

new_imp Size: 35KB - Virtual size: 35KB

new_imp Size: 35KB - Virtual size: 35KB

new_imp Size: 40KB - Virtual size: 40KB

new_imp Size: 44KB - Virtual size: 44KB

new_imp Size: 47KB - Virtual size: 47KB

new_imp Size: 47KB - Virtual size: 47KB

new_imp Size: 50KB - Virtual size: 50KB

new_imp Size: 55KB - Virtual size: 55KB

new_imp Size: 59KB - Virtual size: 59KB

new_imp Size: 63KB - Virtual size: 63KB

new_imp Size: 63KB - Virtual size: 63KB

new_imp Size: 64KB - Virtual size: 64KB

new_imp Size: 64KB - Virtual size: 64KB

new_imp Size: 65KB - Virtual size: 65KB

new_imp Size: 68KB - Virtual size: 68KB

new_imp Size: 68KB - Virtual size: 68KB

new_imp Size: 69KB - Virtual size: 69KB

new_imp Size: 70KB - Virtual size: 70KB

new_imp Size: 70KB - Virtual size: 70KB

new_imp Size: 72KB - Virtual size: 72KB

new_imp Size: 72KB - Virtual size: 72KB

new_imp Size: 73KB - Virtual size: 73KB

new_imp Size: 74KB - Virtual size: 74KB

new_imp Size: 75KB - Virtual size: 75KB

new_imp Size: 76KB - Virtual size: 76KB

new_imp Size: 77KB - Virtual size: 77KB

new_imp Size: 78KB - Virtual size: 78KB

new_imp Size: 81KB - Virtual size: 81KB

new_imp Size: 81KB - Virtual size: 81KB

new_imp Size: 86KB - Virtual size: 86KB

new_imp Size: 86KB - Virtual size: 86KB

new_imp Size: 91KB - Virtual size: 91KB

new_imp Size: 91KB - Virtual size: 91KB

new_imp Size: 91KB - Virtual size: 91KB

new_imp Size: 94KB - Virtual size: 94KB

new_imp Size: 94KB - Virtual size: 94KB

new_imp Size: 97KB - Virtual size: 97KB

new_imp Size: 97KB - Virtual size: 97KB

new_imp Size: 98KB - Virtual size: 98KB

new_imp Size: 99KB - Virtual size: 99KB

new_imp Size: 100KB - Virtual size: 100KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 4KB - Virtual size: 3KB

new_imp
Size: 6KB - Virtual size: 6KB

new_imp
Size: 6KB - Virtual size: 6KB

new_imp
Size: 6KB - Virtual size: 6KB

new_imp
Size: 6KB - Virtual size: 6KB

new_imp
Size: 8KB - Virtual size: 8KB

new_imp
Size: 13KB - Virtual size: 13KB

new_imp
Size: 14KB - Virtual size: 14KB

new_imp
Size: 15KB - Virtual size: 15KB

new_imp
Size: 16KB - Virtual size: 16KB

new_imp
Size: 17KB - Virtual size: 17KB

new_imp
Size: 18KB - Virtual size: 18KB

new_imp
Size: 19KB - Virtual size: 19KB

new_imp
Size: 19KB - Virtual size: 19KB

new_imp
Size: 20KB - Virtual size: 20KB

new_imp
Size: 20KB - Virtual size: 20KB

new_imp
Size: 21KB - Virtual size: 21KB

new_imp
Size: 24KB - Virtual size: 24KB

new_imp
Size: 24KB - Virtual size: 24KB

new_imp
Size: 27KB - Virtual size: 27KB

new_imp
Size: 29KB - Virtual size: 29KB

new_imp
Size: 30KB - Virtual size: 30KB

new_imp
Size: 31KB - Virtual size: 31KB

new_imp
Size: 31KB - Virtual size: 31KB

new_imp
Size: 32KB - Virtual size: 32KB

new_imp
Size: 35KB - Virtual size: 35KB

new_imp
Size: 35KB - Virtual size: 35KB

new_imp
Size: 35KB - Virtual size: 35KB

new_imp
Size: 40KB - Virtual size: 40KB

new_imp
Size: 44KB - Virtual size: 44KB

new_imp
Size: 47KB - Virtual size: 47KB

new_imp
Size: 47KB - Virtual size: 47KB

new_imp
Size: 50KB - Virtual size: 50KB

new_imp
Size: 55KB - Virtual size: 55KB

new_imp
Size: 59KB - Virtual size: 59KB

new_imp
Size: 63KB - Virtual size: 63KB

new_imp
Size: 63KB - Virtual size: 63KB

new_imp
Size: 64KB - Virtual size: 64KB

new_imp
Size: 64KB - Virtual size: 64KB

new_imp
Size: 65KB - Virtual size: 65KB

new_imp
Size: 68KB - Virtual size: 68KB

new_imp
Size: 68KB - Virtual size: 68KB

new_imp
Size: 69KB - Virtual size: 69KB

new_imp
Size: 70KB - Virtual size: 70KB

new_imp
Size: 70KB - Virtual size: 70KB

new_imp
Size: 72KB - Virtual size: 72KB

new_imp
Size: 72KB - Virtual size: 72KB

new_imp
Size: 73KB - Virtual size: 73KB

new_imp
Size: 74KB - Virtual size: 74KB

new_imp
Size: 75KB - Virtual size: 75KB

new_imp
Size: 76KB - Virtual size: 76KB

new_imp
Size: 77KB - Virtual size: 77KB

new_imp
Size: 78KB - Virtual size: 78KB

new_imp
Size: 81KB - Virtual size: 81KB

new_imp
Size: 81KB - Virtual size: 81KB

new_imp
Size: 86KB - Virtual size: 86KB

new_imp
Size: 86KB - Virtual size: 86KB

new_imp
Size: 91KB - Virtual size: 91KB

new_imp
Size: 91KB - Virtual size: 91KB

new_imp
Size: 91KB - Virtual size: 91KB

new_imp
Size: 94KB - Virtual size: 94KB

new_imp
Size: 94KB - Virtual size: 94KB

new_imp
Size: 97KB - Virtual size: 97KB

new_imp
Size: 97KB - Virtual size: 97KB

new_imp
Size: 98KB - Virtual size: 98KB

new_imp
Size: 99KB - Virtual size: 99KB

new_imp
Size: 100KB - Virtual size: 100KB

new_imp
Size: 100KB - Virtual size: 100KB

new_imp
Size: 101KB - Virtual size: 101KB

new_imp
Size: 101KB - Virtual size: 101KB

new_imp
Size: 102KB - Virtual size: 102KB

new_imp
Size: 102KB - Virtual size: 102KB

new_imp
Size: 103KB - Virtual size: 103KB

new_imp
Size: 107KB - Virtual size: 107KB

new_imp
Size: 108KB - Virtual size: 108KB

new_imp
Size: 109KB - Virtual size: 109KB