General
-
Target
18a053ed1f58aa2af54b39a8bac6cd569db6434714540c2607220b680ef5405f
-
Size
80KB
-
Sample
220212-dldzdsggfn
-
MD5
2ea166f0cd99a9307870ec5e0e7f503e
-
SHA1
b21f5a6cc00c4e692d46fb0c555dab8caeb655ff
-
SHA256
18a053ed1f58aa2af54b39a8bac6cd569db6434714540c2607220b680ef5405f
-
SHA512
3bc2d8f941cd13c8de3283f956403c1fcc7b3d5cadff56362f3bc968a2bb6f727862a898f2cf9ba168152ca8691b3106e68db03f3e2ab63c669d54b3c6161090
Malware Config
Targets
-
-
Target
18a053ed1f58aa2af54b39a8bac6cd569db6434714540c2607220b680ef5405f
-
Size
80KB
-
MD5
2ea166f0cd99a9307870ec5e0e7f503e
-
SHA1
b21f5a6cc00c4e692d46fb0c555dab8caeb655ff
-
SHA256
18a053ed1f58aa2af54b39a8bac6cd569db6434714540c2607220b680ef5405f
-
SHA512
3bc2d8f941cd13c8de3283f956403c1fcc7b3d5cadff56362f3bc968a2bb6f727862a898f2cf9ba168152ca8691b3106e68db03f3e2ab63c669d54b3c6161090
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-