General
-
Target
0f74c3c91ec8bf6cd87822d7509415de7d06ae4200b9841edca0d588a55343b3
-
Size
60KB
-
Sample
220212-hdsvssagak
-
MD5
4b242c1df5b5057f34895cc35e516802
-
SHA1
15e0a70fe6a328561e57d7b10ebd4a6b78b3536c
-
SHA256
0f74c3c91ec8bf6cd87822d7509415de7d06ae4200b9841edca0d588a55343b3
-
SHA512
f896d918b232b24a80c2491a31de53bae30fc9a76cc9b09821d45387603e47ea9042a55f32a09c89a2b0b548934a03f88eec9d5a06b169a92f99b608096a1677
Malware Config
Targets
-
-
Target
0f74c3c91ec8bf6cd87822d7509415de7d06ae4200b9841edca0d588a55343b3
-
Size
60KB
-
MD5
4b242c1df5b5057f34895cc35e516802
-
SHA1
15e0a70fe6a328561e57d7b10ebd4a6b78b3536c
-
SHA256
0f74c3c91ec8bf6cd87822d7509415de7d06ae4200b9841edca0d588a55343b3
-
SHA512
f896d918b232b24a80c2491a31de53bae30fc9a76cc9b09821d45387603e47ea9042a55f32a09c89a2b0b548934a03f88eec9d5a06b169a92f99b608096a1677
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-