General
-
Target
1166f1f2e8522b06204428ffabf93a8256b61f89946957a19f0ee6bf404783fe
-
Size
150KB
-
Sample
220212-glnqdagfh9
-
MD5
21980ba147c915fd84467048d0bea01c
-
SHA1
54ec742add25699a8016077e0ae4285280052a69
-
SHA256
1166f1f2e8522b06204428ffabf93a8256b61f89946957a19f0ee6bf404783fe
-
SHA512
a590060dab24ddf7b2eebba31270177740870bcf1ee18d522df4d8a0762be414f13c6d0e4f47ffd55b7bb5a2e394885097e10c233b3384fa901e225e660f1d61
Malware Config
Targets
-
-
Target
1166f1f2e8522b06204428ffabf93a8256b61f89946957a19f0ee6bf404783fe
-
Size
150KB
-
MD5
21980ba147c915fd84467048d0bea01c
-
SHA1
54ec742add25699a8016077e0ae4285280052a69
-
SHA256
1166f1f2e8522b06204428ffabf93a8256b61f89946957a19f0ee6bf404783fe
-
SHA512
a590060dab24ddf7b2eebba31270177740870bcf1ee18d522df4d8a0762be414f13c6d0e4f47ffd55b7bb5a2e394885097e10c233b3384fa901e225e660f1d61
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-