General

  • Target: a4d5bad0f16fbe067a2dd7c616537f74674b90a721bf576199604dd0bd28ba39.exe
  • Size: 140KB
  • MD5: fbf65d011592fd4f05ef7f91b39283cd
  • SHA1: 6cb4890e4a12ca76f2e583d683b7db04a7ed4714
  • SHA256: a4d5bad0f16fbe067a2dd7c616537f74674b90a721bf576199604dd0bd28ba39
  • SHA512: 0e4a414cc6a2179dfc286ed5caf2481b576875df4e3f2a49ba2c46ecf92748e589fee95dc6ae8ee894e4d5bfb3db5d0477b38d9f103bbd3eb5e727173cebf867
  • SSDEEP: 1536:6QFl29mEkE0L1rDEKrxZKF2zf9g2Pl7W/MwbxMX+mdz30rtr8gjmy9xNDCkrZ:x29DkEGRQixVSjLa130BYgjmy9T7Z

Score: 10/10

Malware Config

Extracted

  • Family: sakula
  • C2: www.polarroute.com

Signatures

  • Sakula family
  • Sakula payload (1 IoC)
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a4d5bad0f16fbe067a2dd7c616537f74674b90a721bf576199604dd0bd28ba39.exe
    .exe windows:5 windows x86 arch:x86