General
-
Target
1408075d9c6c7a098c4fbfecbfb80d00fb738305060f7d43910b978a6011af7e
-
Size
36KB
-
Sample
220212-fj689shgdr
-
MD5
544dcb305471cb788556bbcc4c5fc623
-
SHA1
999a75a2bc20e72f0c4be47a8c056fb0f4a0954d
-
SHA256
1408075d9c6c7a098c4fbfecbfb80d00fb738305060f7d43910b978a6011af7e
-
SHA512
40ba24b5fd35fb7a36b1bb89e8c529919bec818b02ac1ee852a67b02273bfc7c4a9087361e5f2e59ec6f9ad5840ea8d23b74f93087a0099f94af0533a0a83c13
Malware Config
Targets
-
-
Target
1408075d9c6c7a098c4fbfecbfb80d00fb738305060f7d43910b978a6011af7e
-
Size
36KB
-
MD5
544dcb305471cb788556bbcc4c5fc623
-
SHA1
999a75a2bc20e72f0c4be47a8c056fb0f4a0954d
-
SHA256
1408075d9c6c7a098c4fbfecbfb80d00fb738305060f7d43910b978a6011af7e
-
SHA512
40ba24b5fd35fb7a36b1bb89e8c529919bec818b02ac1ee852a67b02273bfc7c4a9087361e5f2e59ec6f9ad5840ea8d23b74f93087a0099f94af0533a0a83c13
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-