General
-
Target
196f31d50b210670a76f1ef4e7361168ac0565fff80155e87de3c6a562946c16
-
Size
35KB
-
Sample
220212-daplrafbb3
-
MD5
50ffaf1919d231854d9d0605682271e1
-
SHA1
083f4c48c3840b369db4d6b053641bded7ee9317
-
SHA256
196f31d50b210670a76f1ef4e7361168ac0565fff80155e87de3c6a562946c16
-
SHA512
dc011b32098e4452a9d8e0020f6cf658a9d3ae6b4c36fd9834b4a6aabddf11a6ca624142cc82381e2962ec5e190b6a4717bbbf4031ccc05ed9ab660b6af5636f
Malware Config
Targets
-
-
Target
196f31d50b210670a76f1ef4e7361168ac0565fff80155e87de3c6a562946c16
-
Size
35KB
-
MD5
50ffaf1919d231854d9d0605682271e1
-
SHA1
083f4c48c3840b369db4d6b053641bded7ee9317
-
SHA256
196f31d50b210670a76f1ef4e7361168ac0565fff80155e87de3c6a562946c16
-
SHA512
dc011b32098e4452a9d8e0020f6cf658a9d3ae6b4c36fd9834b4a6aabddf11a6ca624142cc82381e2962ec5e190b6a4717bbbf4031ccc05ed9ab660b6af5636f
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-