General
-
Target
1414f680448ead563d53af07e5a11b840cb859b7549e28dd41a26af70a4ced0c
-
Size
36KB
-
Sample
220212-fjx1lahgdn
-
MD5
df0da44fd823e9a67fef53cfb5fa347c
-
SHA1
c3c40b40a3c6268f6941bdaca11e39c3572b7ed8
-
SHA256
1414f680448ead563d53af07e5a11b840cb859b7549e28dd41a26af70a4ced0c
-
SHA512
7ff5c01742e7572314ee25cd29a121f5f44f467a0a331a599ef5a82e70eb1b90ffaf987f60ecc1bbcef5c56b554f8340bc886e30a563f39d4d703f4ae52d66e1
Malware Config
Targets
-
-
Target
1414f680448ead563d53af07e5a11b840cb859b7549e28dd41a26af70a4ced0c
-
Size
36KB
-
MD5
df0da44fd823e9a67fef53cfb5fa347c
-
SHA1
c3c40b40a3c6268f6941bdaca11e39c3572b7ed8
-
SHA256
1414f680448ead563d53af07e5a11b840cb859b7549e28dd41a26af70a4ced0c
-
SHA512
7ff5c01742e7572314ee25cd29a121f5f44f467a0a331a599ef5a82e70eb1b90ffaf987f60ecc1bbcef5c56b554f8340bc886e30a563f39d4d703f4ae52d66e1
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-