General

  • Target

    Virus.Autorun.ATA_virussign.com_c28098175997d42658cc962fddfa4d66.exe

  • Size

    92KB

  • MD5

    c28098175997d42658cc962fddfa4d66

  • SHA1

    3ff7792a3f7aef62db8f3e356c774a4eae0971e3

  • SHA256

    539e4310882605c47f0e625def8f057758df0a3072cb4d7a5894a5570c6aa3f0

  • SHA512

    c4967c12ece1848dce16bb4b0d4bb507429ed7d4c44d0b23f048110bf98adf98331d37dc12004195a51ab227c2343dcf4e640198554fba8feaaf6e823497157f

  • SSDEEP

    1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtr3:9bfVk29te2jqxCEtg30Bj

Score
10/10

Malware Config

Extracted

Family

sakula

C2

www.savmpet.com

Signatures

  • Sakula family
  • Sakula payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Virus.Autorun.ATA_virussign.com_c28098175997d42658cc962fddfa4d66.exe
    .exe windows:4 windows x86 arch:x86

    3756947b3e7059e30bd77d705a3cb609

