Overview

overview

8

Static

static

3

Turla/Carb...nt.exe

windows10-2004-x64

8

Turla/KazuarRAT.dll

windows10-2004-x64

1

Turla/NCSC.exe

windows10-2004-x64

1

Turla/Naut...nt.dll

windows10-2004-x64

1

Turla/Neur...18.dll

windows10-2004-x64

1

Turla/Outl...or.dll

windows10-2004-x64

1

Turla/Outl...r2.dll

windows10-2004-x64

7

Turla/TurlaAgent.dll

windows10-2004-x64

5

Turla/Turl...er.exe

windows10-2004-x64

7

Turla/Turl...er.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    Turla.rar

  • Size

    1.9MB

  • MD5

    cf40c5519a4f8b69c95229b1c325e8b6

  • SHA1

    abc4ca896859dffad550b78ce54fb4d9f934347a

  • SHA256

    1557159ed0ac0a1109a76f07b3e7f00697e577b28390171eac15c63c3b145ef1

  • SHA512

    a483274d936ffc76296a301279c6bd7257795aed009c7a978de34826e770fd94b750cdc180d02e9a67088be9ed806d05f6529ffc9edb8e5c6c9a1302dd1227a3

  • SSDEEP

    49152:SR4+WQDog9W4g6mqjSNPvMeWlkZzW6qJDxRV2NPYkiv/hmk/nN+L:u4+xp9HmqITWCuePdyEk/N+

Score
3/10

Malware Config

Signatures

  • Unsigned PE 10 IoCs

    Checks for missing Authenticode signature.

Files

  • Turla.rar
    .rar

    Password: 123

  • Turla/CarbonImplant.bin
    .exe windows:5 windows x64 arch:x64

    Password: 123

    f9410b77f2ed92c5538775ecf2c381c6


    Headers

    Imports

    Sections

  • Turla/KazuarRAT.bin
    .dll windows:4 windows x86 arch:x86

    Password: 123

    682156c4380c216ff8cb766a2f2e8817


    Headers

    Imports

    Exports

    Sections

  • Turla/NCSC.bin
    .exe windows:4 windows x86 arch:x86

    Password: 123

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • Turla/Nautilus Implant.bin
    .dll windows:6 windows x64 arch:x64

    Password: 123

    468451b8d57563f8791acd5aad32d23a


    Headers

    Imports

    Exports

    Sections

  • Turla/NeuronImplant2018.bin
    .dll windows:6 windows x86 arch:x86

    Password: 123


    Headers

    Sections

  • Turla/OutlookBackdoor.bin
    .dll regsvr32 windows:5 windows x86 arch:x86

    Password: 123

    ffdd7d29384f862df16f05b993adefd4


    Headers

    Imports

    Exports

    Sections

  • Turla/OutlookBackdoor2.bin
    .dll regsvr32 windows:5 windows x86 arch:x86

    Password: 123

    76768716dc7a613d452ff4d177e13797


    Headers

    Imports

    Exports

    Sections

  • Turla/TurlaAgent.exe
    .dll windows:4 windows x86 arch:x86

    Password: 123

    9d0d6daa47d6e6f2d80eb05405944f87


    Headers

    Imports

    Exports

    Sections

  • Turla/TurlaDropper.bin
    .exe windows:5 windows x86 arch:x86

    05cb4e6d3d97087700002cadc74908c5


    Headers

    Imports

    Sections

  • Turla/TurlaKeylogger.bin
    .dll windows:5 windows x64 arch:x64

    94e4cb53a59c210cf3bda6a0cd66f941


    Headers

    Imports

    Sections