General
-
Target
14ac5c52407b69f985f301c1f7f2462e9afc2af4b4680a5f715671d271cd0280
-
Size
216KB
-
Sample
220212-fcvlwsgbb6
-
MD5
3d48f858531531962006cb4a93f9704c
-
SHA1
c98fae213d566c1bd9506e635183a47599f7a497
-
SHA256
14ac5c52407b69f985f301c1f7f2462e9afc2af4b4680a5f715671d271cd0280
-
SHA512
9f2448ac2cb67b54cd95b132b297f1fd6aae82b6867f01e065597bad2feaf34198ec43642be9f20df626bbd617c233512c2858bc2359f511850dcf08d92b4e20
Malware Config
Targets
-
-
Target
14ac5c52407b69f985f301c1f7f2462e9afc2af4b4680a5f715671d271cd0280
-
Size
216KB
-
MD5
3d48f858531531962006cb4a93f9704c
-
SHA1
c98fae213d566c1bd9506e635183a47599f7a497
-
SHA256
14ac5c52407b69f985f301c1f7f2462e9afc2af4b4680a5f715671d271cd0280
-
SHA512
9f2448ac2cb67b54cd95b132b297f1fd6aae82b6867f01e065597bad2feaf34198ec43642be9f20df626bbd617c233512c2858bc2359f511850dcf08d92b4e20
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-