General

  • Target

    ab4d2a65ef902b5baa4af2f2efc961bb9e05a52373861b7f869ef81c93451d9eN.exe

  • Size

    140KB

  • MD5

    5be18cfd18903dd0556eb93649ad8390

  • SHA1

    803b265533f5cca1242e6ebe907cfc6a584693bd

  • SHA256

    ab4d2a65ef902b5baa4af2f2efc961bb9e05a52373861b7f869ef81c93451d9e

  • SHA512

    8a8f68b2bb9efaae17d4b0e4a1d4ac0fbcacdbf0106f9a1c168fb4ef8c5f209c71c0736f22690dc0e78fa2e59aee3cc752f506b9aa264b17f6c76b8f2b8abe35

  • SSDEEP

    1536:6QFl29mEkE0L1rDEKrxZKF2zf9g2Pl7W/MwbxMX+mdz30rtr8gjmy9xNDCkrR:x29DkEGRQixVSjLa130BYgjmy9T7R

Score
10/10

Malware Config

Extracted

Family

sakula

C2

www.polarroute.com

Signatures

  • Sakula family
  • Sakula payload (1 IoC)
  • UPX packed file (1 IoC)

    Detects executables packed with the open-source UPX packer or a modified UPX build.

  • Unsigned PE (1 IoC)

    Checks for a missing Authenticode signature (empty Security data directory).
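Both of the generic signatures above can be reproduced from the PE headers without a sandbox. The Python below is an added example, not part of this report and not the sandbox's own rule logic: it walks the DOS, COFF and optional headers with `struct` only (no `pefile` dependency), flags the default UPX section names (UPX0/UPX1, a heuristic that a UPX build with renamed sections will evade) and reports whether the Security data directory (index 4, which holds an embedded Authenticode certificate) is empty. Because the sample's section layout is not reproduced on this page, the block runs against two minimal PE32 images it constructs itself (`build_sample_pe`), not the real binary; point `triage` at the file bytes to check the actual sample.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
# Default section names emitted by stock UPX; modified builds often rename them.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b".UPX0", b".UPX1"}


def parse_pe(data: bytes) -> dict:
    """Parse just enough of a PE image to recover the section names and the
    Security data directory. Raises ValueError on anything that is not a PE."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _ts, _symptr, _nsyms, opt_size, _chars = struct.unpack_from(
        "<HHIIIHH", data, coff
    )
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: data directories start at optional header offset 96
        dd_off = opt + 96
    elif magic == 0x20B:      # PE32+: 112
        dd_off = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    sec_va, sec_size = struct.unpack_from(
        "<II", data, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    )
    sect_off = opt + opt_size  # section table follows the optional header
    names = []
    for i in range(nsections):
        name = struct.unpack_from("<8s", data, sect_off + 40 * i)[0].rstrip(b"\0")
        names.append(name)
    return {
        "machine": machine,
        "magic": magic,
        "sections": names,
        "security_dir": (sec_va, sec_size),
    }


def is_upx_packed(info: dict) -> bool:
    """Section-name heuristic for stock UPX; false negatives for renamed sections."""
    return any(n in UPX_SECTION_NAMES for n in info["sections"])


def is_unsigned(info: dict) -> bool:
    """True when no Authenticode blob is embedded (Security directory empty).
    Catalog-signed OS files also look unsigned here; that is irrelevant for malware."""
    va, size = info["security_dir"]
    return va == 0 or size == 0


def triage(data: bytes) -> dict:
    info = parse_pe(data)
    return {"upx_packed": is_upx_packed(info), "unsigned": is_unsigned(info),
            "sections": info["sections"]}


def build_sample_pe(section_names, signed: bool) -> bytes:
    """Construct a minimal, non-runnable PE32 image for testing the checks.
    This is fabricated test data, not the layout of the sample in the report."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)            # e_lfanew -> PE header at 64
    opt_size = 224                                   # PE32: 96 bytes + 16 directories * 8
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)            # PE32 magic
    if signed:                                       # fake certificate table entry
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x20000, 0x1800)
    sections = b"".join(struct.pack("<8s32x", n) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sections


if __name__ == "__main__":
    # Constructed inputs: one "UPX-looking" unsigned image, one signed plain image.
    print(triage(build_sample_pe([b"UPX0", b"UPX1", b".rsrc"], signed=False)))
    print(triage(build_sample_pe([b".text", b".data"], signed=True)))
```

When run against a real file, read it in binary and pass the bytes to `triage`; verify the SHA256 against the report's value first so the conclusions apply to the same artifact. Treat a negative from `is_upx_packed` as inconclusive rather than clean: the sandbox rule covers "modified UPX", and the usual tell for a renamed-section build is an entry point in the last section plus near-empty first section, which this heuristic does not check.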

Files

  • ab4d2a65ef902b5baa4af2f2efc961bb9e05a52373861b7f869ef81c93451d9eN.exe
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections