sakula | 713e0fc8cb445d0a094c33347385b76d6a7d540fda15bec3ce66299d8c0e8cbc | Triage

Sharing

General

Target

713e0fc8cb445d0a094c33347385b76d6a7d540fda15bec3ce66299d8c0e8cbc
Size

92KB
Sample

220122-bn79xaghbk
MD5

a068bf4b31738a08ed06924c7bf37223
SHA1

e45b046dddea65f987e4a8e4b0fe47711fbb346c
SHA256

713e0fc8cb445d0a094c33347385b76d6a7d540fda15bec3ce66299d8c0e8cbc
SHA512

7e8bcb5e64138230631f4a05472c600457f24540c78fbbcec037b770954cf4cc27bc629431868525c01b989b5901cbad99c46608867e57154ecfecb1d88f62fb

Score

10^/10

sakula persistence rat trojan

Malware Config

Targets

- Target
  
  713e0fc8cb445d0a094c33347385b76d6a7d540fda15bec3ce66299d8c0e8cbc
- Size
  
  92KB
- MD5
  
  a068bf4b31738a08ed06924c7bf37223
- SHA1
  
  e45b046dddea65f987e4a8e4b0fe47711fbb346c
- SHA256
  
  713e0fc8cb445d0a094c33347385b76d6a7d540fda15bec3ce66299d8c0e8cbc
- SHA512
  
  7e8bcb5e64138230631f4a05472c600457f24540c78fbbcec037b770954cf4cc27bc629431868525c01b989b5901cbad99c46608867e57154ecfecb1d88f62fb
Score

10^/10

sakula persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sakulapersistencerattrojan

behavioral2

sakulapersistencerattrojan