General
-
Target
1736416df7c82f26a1ebdec013edd7145d9d5ecf8a4a077ab60fc0c7ae2aa2ae
-
Size
188KB
-
Sample
220212-d52vkafee2
-
MD5
927fd99c0096e75d21f527bd5eabfa86
-
SHA1
2c848ebc250dec44f69b1de8f703e37be5fc408c
-
SHA256
1736416df7c82f26a1ebdec013edd7145d9d5ecf8a4a077ab60fc0c7ae2aa2ae
-
SHA512
4e23a79ebb9632c4a1e567ca834af591d660284a2ce58fde003b189cf30e86f3343c82e29f1b80428c8c74a733e755cede9ed12249b0c59aabd0c5552fd7edd0
Malware Config
Targets
-
-
Target
1736416df7c82f26a1ebdec013edd7145d9d5ecf8a4a077ab60fc0c7ae2aa2ae
-
Size
188KB
-
MD5
927fd99c0096e75d21f527bd5eabfa86
-
SHA1
2c848ebc250dec44f69b1de8f703e37be5fc408c
-
SHA256
1736416df7c82f26a1ebdec013edd7145d9d5ecf8a4a077ab60fc0c7ae2aa2ae
-
SHA512
4e23a79ebb9632c4a1e567ca834af591d660284a2ce58fde003b189cf30e86f3343c82e29f1b80428c8c74a733e755cede9ed12249b0c59aabd0c5552fd7edd0
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-