General
-
Target
17cf7f4dca5648312378cc602767453071b4da260fcbe654c20ed78efad4c5a3
-
Size
101KB
-
Sample
220212-dwfwqsfdd4
-
MD5
cd8b663bea25b1a1ea4a288ef0960f07
-
SHA1
76610318193c2d90108206cce69acac3cb23acf5
-
SHA256
17cf7f4dca5648312378cc602767453071b4da260fcbe654c20ed78efad4c5a3
-
SHA512
819502a6ec3ed4973afdb9626894a9c44b34949480d26b2f3b6f83190ddb2dd86964b6879a1848ce16c5bf8f658b5796a5b989800e653068e4c4b5a1837af9e7
Malware Config
Targets
-
-
Target
17cf7f4dca5648312378cc602767453071b4da260fcbe654c20ed78efad4c5a3
-
Size
101KB
-
MD5
cd8b663bea25b1a1ea4a288ef0960f07
-
SHA1
76610318193c2d90108206cce69acac3cb23acf5
-
SHA256
17cf7f4dca5648312378cc602767453071b4da260fcbe654c20ed78efad4c5a3
-
SHA512
819502a6ec3ed4973afdb9626894a9c44b34949480d26b2f3b6f83190ddb2dd86964b6879a1848ce16c5bf8f658b5796a5b989800e653068e4c4b5a1837af9e7
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-