sakula | 81f2a6dc518fb6d785e4a64d29ae5fd9b7a9140b98bded7c010f47f223f2d106 | Triage

Submit
Reports

Overview

overview

Static

static

81f2a6dc51...06.exe

windows7_x64

81f2a6dc51...06.exe

windows10_x64

Sharing

General

Target

81f2a6dc518fb6d785e4a64d29ae5fd9b7a9140b98bded7c010f47f223f2d106
Size

89KB
Sample

220130-wmpfmagff5
MD5

638304bf859e7be2f0fa39a655fdaffc
SHA1

646d54222f020f92fe2e0533c676bb104004686c
SHA256

81f2a6dc518fb6d785e4a64d29ae5fd9b7a9140b98bded7c010f47f223f2d106
SHA512

fce95cbba24ef5b3aa74e70523b28ac9e074928a2e6b3786c7ff8dd6604704ae2c8c80afa3f6812bfbe5d3400a5bd3c3bb8f3db095c3dcc5fc416a9647fa4803

Score

10^/10

sakula persistence rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

81f2a6dc518fb6d785e4a64d29ae5fd9b7a9140b98bded7c010f47f223f2d106.exe

Resource

win7-en-20211208

sakula persistence rat trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

81f2a6dc518fb6d785e4a64d29ae5fd9b7a9140b98bded7c010f47f223f2d106.exe

Resource

win10-en-20211208

sakula persistence rat trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  81f2a6dc518fb6d785e4a64d29ae5fd9b7a9140b98bded7c010f47f223f2d106
- Size
  
  89KB
- MD5
  
  638304bf859e7be2f0fa39a655fdaffc
- SHA1
  
  646d54222f020f92fe2e0533c676bb104004686c
- SHA256
  
  81f2a6dc518fb6d785e4a64d29ae5fd9b7a9140b98bded7c010f47f223f2d106
- SHA512
  
  fce95cbba24ef5b3aa74e70523b28ac9e074928a2e6b3786c7ff8dd6604704ae2c8c80afa3f6812bfbe5d3400a5bd3c3bb8f3db095c3dcc5fc416a9647fa4803
Score

10^/10

sakula persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Sakula Payload
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sakulapersistencerattrojan

behavioral2

sakulapersistencerattrojan

© 2018-2024

Terms | Privacy