General
-
Target
12ccff0a2ab026d52cb4befb2c56302c1c01eff592b5529ebe57b69dd232c3f9
-
Size
58KB
-
Sample
220212-f4gt4saagl
-
MD5
a66d2231013445452a0b71f9c18f74d5
-
SHA1
7aff0a61e53414c3b5a42f91fec9554deaa3ea09
-
SHA256
12ccff0a2ab026d52cb4befb2c56302c1c01eff592b5529ebe57b69dd232c3f9
-
SHA512
21c99561a8a8d0e63c2928d7498a241f6051e60d977df62e33232ea009f562560fa23d238c7dfd166f85cc3458b40acd9e3ded2d2c8a5faf988d5296a8ea8562
Malware Config
Targets
-
-
Target
12ccff0a2ab026d52cb4befb2c56302c1c01eff592b5529ebe57b69dd232c3f9
-
Size
58KB
-
MD5
a66d2231013445452a0b71f9c18f74d5
-
SHA1
7aff0a61e53414c3b5a42f91fec9554deaa3ea09
-
SHA256
12ccff0a2ab026d52cb4befb2c56302c1c01eff592b5529ebe57b69dd232c3f9
-
SHA512
21c99561a8a8d0e63c2928d7498a241f6051e60d977df62e33232ea009f562560fa23d238c7dfd166f85cc3458b40acd9e3ded2d2c8a5faf988d5296a8ea8562
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-