General

  • Target

    NEAS.db7f0243fda108aab085cdecf6330f80.exe

  • Size

    190KB

  • MD5

    db7f0243fda108aab085cdecf6330f80

  • SHA1

    a6dce0cd3c5ec9ec8df426a491df51477a282b69

  • SHA256

    ba7f5279a74d7d6fa28af1e1e6bac467f8f47c5a28f3a4f544fadc37245af4ee

  • SHA512

    bd4cea53bff88b00d4ffc5d8c701f25cb2132064d8c5f584541d3719407f80ca8c361cb59d98a9e33d038784234d4e28de353636b4bc507b116cc916d509d4a6

  • SSDEEP

    3072:929DkEGRQixVSjLa130BYgjXjp+y9T7uZwOuz/xSW:929qRfVSnA30B7XjUbwBxT

Score
10/10

Malware Config

Extracted

Family

sakula

C2

www.polarroute.com

Signatures

  • Sakula family
  • Sakula payload 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • NEAS.db7f0243fda108aab085cdecf6330f80.exe
    .exe windows:5 windows x86

