General

  • Target

    d303d75de66a42731e9e7677eae17732b65ba14362b72dac40188a165117cd6fN

  • Size

    3.6MB

  • MD5

    985ff5e986caa93a411fc25cff01cb10

  • SHA1

    5445fd70ef09348e94a1db210444776c3784f3d5

  • SHA256

    d303d75de66a42731e9e7677eae17732b65ba14362b72dac40188a165117cd6f

  • SHA512

    568d5715341ff5b8b44484f0c1d30eff899443c0fca19035d5079c388a0152373ea90888438fb9e9ac345885bd4fc65b4d6a1d508ad69eaae85ad8a22c8b301a

  • SSDEEP

    49152:o852ZjeUNZZH46HsnHVT5ZA+acdD6xXTIO:oU6eUNZZJHsHU

Score
10/10

Malware Config

Extracted

Family

sakula

C2

www.polarroute.com

Signatures

  • Sakula family
  • Sakula payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • d303d75de66a42731e9e7677eae17732b65ba14362b72dac40188a165117cd6fN
    .exe windows:5 windows x86 arch:x86

    4511896d043677e4ab4578dc5bcab5a0

