General
-
Target
12278ec3c28f57749ce340e59103efc7a934013f9906a2c2fa5d7df596d37ab6
-
Size
101KB
-
Sample
220212-gbw9rsabfq
-
MD5
084f94fe79588e78a03a8ba07fdbff0b
-
SHA1
e28c80f6bb548071954412075358792d45b3e26c
-
SHA256
12278ec3c28f57749ce340e59103efc7a934013f9906a2c2fa5d7df596d37ab6
-
SHA512
96624bf0e3850eb55c581ce62cdfbe5117f9f66d4bfe066a093f0940d4d640e5acbd94217a8ed01375ce1d576d153a63916574a6341f99e000942dfab6383ffd
Malware Config
Targets
-
-
Target
12278ec3c28f57749ce340e59103efc7a934013f9906a2c2fa5d7df596d37ab6
-
Size
101KB
-
MD5
084f94fe79588e78a03a8ba07fdbff0b
-
SHA1
e28c80f6bb548071954412075358792d45b3e26c
-
SHA256
12278ec3c28f57749ce340e59103efc7a934013f9906a2c2fa5d7df596d37ab6
-
SHA512
96624bf0e3850eb55c581ce62cdfbe5117f9f66d4bfe066a093f0940d4d640e5acbd94217a8ed01375ce1d576d153a63916574a6341f99e000942dfab6383ffd
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-