General
-
Target
1962759df7809c2eaf471b75a5a65331d39300157dd484210c67a17f515fb382
-
Size
36KB
-
Sample
220212-dbgyasfbb8
-
MD5
ba5fa99c2e6680537f8289926eab19fa
-
SHA1
4e7ec937088a18560480e2bc241f84ae0706d40f
-
SHA256
1962759df7809c2eaf471b75a5a65331d39300157dd484210c67a17f515fb382
-
SHA512
6c4f8357d9612ffad446575b9ba3829a806f240b7e99e440cbf41ca31075c28b6a079f8c0ad590a8124f960c38ca3ea84f42832cbd17b3f50fada2a72f97357e
Malware Config
Targets
-
-
Target
1962759df7809c2eaf471b75a5a65331d39300157dd484210c67a17f515fb382
-
Size
36KB
-
MD5
ba5fa99c2e6680537f8289926eab19fa
-
SHA1
4e7ec937088a18560480e2bc241f84ae0706d40f
-
SHA256
1962759df7809c2eaf471b75a5a65331d39300157dd484210c67a17f515fb382
-
SHA512
6c4f8357d9612ffad446575b9ba3829a806f240b7e99e440cbf41ca31075c28b6a079f8c0ad590a8124f960c38ca3ea84f42832cbd17b3f50fada2a72f97357e
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-