Overview

overview

10

Static

static

10

ce5587c122...35.exe

windows7_x64

10

ce5587c122...35.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ce5587c122f99e5233fdc577236a74d43d06e2023624bbf993cea12e51cff835

  • Size

    79KB

  • Sample

    220121-3xzgxadgb3

  • MD5

    fc52814e8eb48aca6b87fa43656cbf42

  • SHA1

    fec471871ee0684460d23428bea5b266224311e5

  • SHA256

    ce5587c122f99e5233fdc577236a74d43d06e2023624bbf993cea12e51cff835

  • SHA512

    5acca9b800da98d5fd14633deeecf13457094157d5756a50eda3a82560434803d8b869b174178e1d8479912e9c8e877ad9302c49e5176c39e6af5b3f78c27d71

Score
10/10
sakulapersistencerattrojan

Malware Config

Targets

    • Target

      ce5587c122f99e5233fdc577236a74d43d06e2023624bbf993cea12e51cff835

    • Size

      79KB

    • MD5

      fc52814e8eb48aca6b87fa43656cbf42

    • SHA1

      fec471871ee0684460d23428bea5b266224311e5

    • SHA256

      ce5587c122f99e5233fdc577236a74d43d06e2023624bbf993cea12e51cff835

    • SHA512

      5acca9b800da98d5fd14633deeecf13457094157d5756a50eda3a82560434803d8b869b174178e1d8479912e9c8e877ad9302c49e5176c39e6af5b3f78c27d71

    Score
    10/10
    sakulapersistencerattrojan

    • Sakula

      Sakula is a remote access trojan with various capabilities.

      trojanratsakula

    • Sakula Payload

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks