General
-
Target
6794211eacc25f6d8d7b15495b989101fb61ac8dbadcf04d212c0a1ebee526c6
-
Size
41KB
-
Sample
230809-tbyh2scf64
-
MD5
0c6fe884b555a5fc6d4e030e75d3f66b
-
SHA1
98cd4ee65a200ffd4112231367c4baa1b68046ea
-
SHA256
6794211eacc25f6d8d7b15495b989101fb61ac8dbadcf04d212c0a1ebee526c6
-
SHA512
58ac71d0a7f69aefd14842ba0e6fcc6a6367308fcba4104138ed96fd4a21d39091077de87f32b5f7b548e1ce211b79ebc33bd9128f043454683cd56ca711d4b1
-
SSDEEP
768:+mAMlx3ppWo00zpPGlAm7WlSFOc/VBUiFzuXhhf0Ys93NUd70aXXXB6Q7DJ:+RMbZ4sp8PWlet/VBfghp0Ys93i708XH
Static task
static1
Behavioral task
behavioral1
Sample
6794211eacc25f6d8d7b15495b989101fb61ac8dbadcf04d212c0a1ebee526c6.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
6794211eacc25f6d8d7b15495b989101fb61ac8dbadcf04d212c0a1ebee526c6.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
sakula
www.polarroute.com
Targets
-
-
Target
6794211eacc25f6d8d7b15495b989101fb61ac8dbadcf04d212c0a1ebee526c6
-
Size
41KB
-
MD5
0c6fe884b555a5fc6d4e030e75d3f66b
-
SHA1
98cd4ee65a200ffd4112231367c4baa1b68046ea
-
SHA256
6794211eacc25f6d8d7b15495b989101fb61ac8dbadcf04d212c0a1ebee526c6
-
SHA512
58ac71d0a7f69aefd14842ba0e6fcc6a6367308fcba4104138ed96fd4a21d39091077de87f32b5f7b548e1ce211b79ebc33bd9128f043454683cd56ca711d4b1
-
SSDEEP
768:+mAMlx3ppWo00zpPGlAm7WlSFOc/VBUiFzuXhhf0Ys93NUd70aXXXB6Q7DJ:+RMbZ4sp8PWlet/VBfghp0Ys93i708XH
Score10/10-
Sakula payload
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-