General

  • Target

    NEAS.86f540cb1a64b17ab32196c9382f1470.exe

  • Size

    190KB

  • MD5

    86f540cb1a64b17ab32196c9382f1470

  • SHA1

    19a1ad0cf4ee5947c82bb81cf6b1bf4b1035bb15

  • SHA256

    131c45691ffed3a1896f9f412a4b50298f1778068bafae96cdd90ceb04dc22d6

  • SHA512

    6527729b443e693aa1168d6bc9e715e5cefad06953cbc6e599adb3aff0f66667916bfcd7b1334626553d0cef079d6d6f026f526afafb0cca0daa6a8ed2d43aa8

  • SSDEEP

    3072:929DkEGRQixVSjLa130BYgjXjp+y9T7uZwOuz/xS0:929qRfVSnA30B7XjUbwBxF

Score
10/10

Malware Config

Extracted

  • Family

    sakula

  • C2

    www.polarroute.com

Signatures

  • Sakula family
  • Sakula payload 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • NEAS.86f540cb1a64b17ab32196c9382f1470.exe
    .exe windows:5 windows x86

