sakula | ab33a3bd95341516cd68270445db7ed720c82a87ea134715b3b9ce3669c5f5e7 | Triage

Sharing

General

Target

ab33a3bd95341516cd68270445db7ed720c82a87ea134715b3b9ce3669c5f5e7
Size

104KB
Sample

220122-a55pnsfhfj
MD5

bf29d2c64db69170ae01ebb4eabe9bd3
SHA1

4fc413a27cfaa3cc208a7b4f60d3d30c887323f2
SHA256

ab33a3bd95341516cd68270445db7ed720c82a87ea134715b3b9ce3669c5f5e7
SHA512

699ef3570345298d7234b4aa2f7e77eac0375a4bd41cc2a7bce0b7ad3fe2133472e0a8deacb5c12607cb37690939c60238cea57a33fdf9ddb7d7ec32038cab55

Score

10^/10

sakula persistence rat trojan

Malware Config

Targets

- Target
  
  ab33a3bd95341516cd68270445db7ed720c82a87ea134715b3b9ce3669c5f5e7
- Size
  
  104KB
- MD5
  
  bf29d2c64db69170ae01ebb4eabe9bd3
- SHA1
  
  4fc413a27cfaa3cc208a7b4f60d3d30c887323f2
- SHA256
  
  ab33a3bd95341516cd68270445db7ed720c82a87ea134715b3b9ce3669c5f5e7
- SHA512
  
  699ef3570345298d7234b4aa2f7e77eac0375a4bd41cc2a7bce0b7ad3fe2133472e0a8deacb5c12607cb37690939c60238cea57a33fdf9ddb7d7ec32038cab55
Score

10^/10

sakula persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sakulapersistencerattrojan

behavioral2

sakulapersistencerattrojan