General
-
Target
13eadb4610dd6b8df57adb8d232e7499de927477dbeee37f18e094d9f055cc2b
-
Size
99KB
-
Sample
220212-fmjx5shggp
-
MD5
87402fcd2588bed22e07be8052c5843f
-
SHA1
e32211e139f43c312db91319cf08003197c8e380
-
SHA256
13eadb4610dd6b8df57adb8d232e7499de927477dbeee37f18e094d9f055cc2b
-
SHA512
e26626b0e8842bfa6c45cc2e6207a0c6f793a44b2a2f658367bb843abedb900be1c5befb6997e66c53034aac04337cd9801c097cb3e7be2e7656042bfa799c3d
Malware Config
Targets
-
-
Target
13eadb4610dd6b8df57adb8d232e7499de927477dbeee37f18e094d9f055cc2b
-
Size
99KB
-
MD5
87402fcd2588bed22e07be8052c5843f
-
SHA1
e32211e139f43c312db91319cf08003197c8e380
-
SHA256
13eadb4610dd6b8df57adb8d232e7499de927477dbeee37f18e094d9f055cc2b
-
SHA512
e26626b0e8842bfa6c45cc2e6207a0c6f793a44b2a2f658367bb843abedb900be1c5befb6997e66c53034aac04337cd9801c097cb3e7be2e7656042bfa799c3d
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-