General

  • Target: 2a2e0e062d8d9d0a52f5cec31ab5e827d9e64cb48689945e0f458de940cd19e5
  • Size: 386KB
  • MD5: 8f20d298515a39ce483a272f2fe0451e
  • SHA1: 6f40fc018d5b710bfbac0d9a52c32eb15891afb7
  • SHA256: 2a2e0e062d8d9d0a52f5cec31ab5e827d9e64cb48689945e0f458de940cd19e5
  • SHA512: 32a382d4a8a7c06ee6ac73a3add428f51da2fcd1184af1550fff5b872530fc58ac0fed89bd23aa259e0bc0969169d5409b28234691bfcbecd619410155221a30
  • SSDEEP: 6144:E29qRfVSnA30B7mbwBxE1+ijiBKk3etdgI2MyzNORQtOfl1qNVo7R+S+N/TUF:sRfQnSw8EYiBl8

Score
10/10

Malware Config

Extracted

Family

sakula

C2

www.polarroute.com

Signatures

  • Sakula family
  • Sakula payload (1 IoC)
  • UPX dump on OEP (original entry point) (1 IoC)
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2a2e0e062d8d9d0a52f5cec31ab5e827d9e64cb48689945e0f458de940cd19e5
    .exe windows:5 windows x86 arch:x86
