General
-
Target
1365cae9706a8e268c96a2805f38dfc4f5b9d5b330f5fd57a11f126f5d252cde
-
Size
99KB
-
Sample
220212-fv6f4sgch9
-
MD5
b946aebcc1fd201c2822d23a308a7e3f
-
SHA1
00ee834fad660b9d624bbc17b4c03fcf8ef6a953
-
SHA256
1365cae9706a8e268c96a2805f38dfc4f5b9d5b330f5fd57a11f126f5d252cde
-
SHA512
d06059f1311184b6087d714af09d8ddc4799b004c3531bb1068f5d24710946b39a4d8972e07175d4853ad197c3db5dd540f402de1cebec6314f1ff54d342687e
Malware Config
Targets
-
-
Target
1365cae9706a8e268c96a2805f38dfc4f5b9d5b330f5fd57a11f126f5d252cde
-
Size
99KB
-
MD5
b946aebcc1fd201c2822d23a308a7e3f
-
SHA1
00ee834fad660b9d624bbc17b4c03fcf8ef6a953
-
SHA256
1365cae9706a8e268c96a2805f38dfc4f5b9d5b330f5fd57a11f126f5d252cde
-
SHA512
d06059f1311184b6087d714af09d8ddc4799b004c3531bb1068f5d24710946b39a4d8972e07175d4853ad197c3db5dd540f402de1cebec6314f1ff54d342687e
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-