General

  • Target

    3e37aca3637a5b850f2e5432d67e10b92deb61bd2294021119d3c8afebad3042

  • Size

    140KB

  • MD5

    0272df5ce729c158894c2a4c1c5381e9

  • SHA1

    ad28822acea517a30d45db01df0b3ba8ab213e6c

  • SHA256

    3e37aca3637a5b850f2e5432d67e10b92deb61bd2294021119d3c8afebad3042

  • SHA512

    398d66afa58a61c5687097678e881896b32389bfb49fbc12cc262abc0f44b22cc5bad411ac0d9a8a250357b74a61df6af7ba11ae380ba3d5f512bad4fba1130a

  • SSDEEP

    1536:6QFl29mEkE0L1rDEKrxZKF2zf9g2Pl7W/MwbxMX+mdz30rtr8gjmy9xNDCkrF:x29DkEGRQixVSjLa130BYgjmy9T7F

Score
10/10

Malware Config

Extracted

Family

sakula

C2

www.polarroute.com

Signatures

  • Sakula family
  • Sakula payload 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3e37aca3637a5b850f2e5432d67e10b92deb61bd2294021119d3c8afebad3042
    .exe windows:5 windows x86 arch:x86
    Headers

    Sections