General

  • Target

    ac5b4c43dac01ed9dd727cd3dcdfa78aa1bcfb23b90d63cb6aa0802a0596238bN.exe

  • Size

    140KB

  • MD5

    6692f098c9efead9ba2d3e270ddfa900

  • SHA1

    1248fab72ee8bc2bee816db68c50144bb917f125

  • SHA256

    ac5b4c43dac01ed9dd727cd3dcdfa78aa1bcfb23b90d63cb6aa0802a0596238b

  • SHA512

    0fc071133ad3e98886c18a24f7b1173b1bb121ff8b8ac3a7ec3ea6b7e5017a4d16b24a0b73b4449570f06cfec0850a4806726847d7af9995b361a0cd4d5cccdd

  • SSDEEP

    1536:6QFl29mEkE0L1rDEKrxZKF2zf9g2Pl7W/MwbxMX+mdz30rtr8gjmy9xNDCkr4:x29DkEGRQixVSjLa130BYgjmy9T74

Score
10/10

Malware Config

Extracted

  • Family

    sakula

  • C2

    www.polarroute.com

Signatures

  • Sakula family
  • Sakula payload 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ac5b4c43dac01ed9dd727cd3dcdfa78aa1bcfb23b90d63cb6aa0802a0596238bN.exe
    .exe windows:5 windows x86 arch:x86

