General
-
Target
0d85f5eb6f2708aa00be2bab7520f9b4db08177a81279bb5f7334930264b785b
-
Size
101KB
-
Sample
220212-jawmyshee6
-
MD5
e68751554bff4b0b15fcaf0be95c94d3
-
SHA1
eda9f34581a26dc9d071b7cc8d01b64dff9658a3
-
SHA256
0d85f5eb6f2708aa00be2bab7520f9b4db08177a81279bb5f7334930264b785b
-
SHA512
e2d7b6bee3cbb70dfd07124bd9c7edf23b364f1faf58d1b2f5f50c2f402a17c5e87b8510c4fce4f14a4264323058cf71d78d958bfebac1c5605490f52ce6fb25
Malware Config
Targets
-
-
Target
0d85f5eb6f2708aa00be2bab7520f9b4db08177a81279bb5f7334930264b785b
-
Size
101KB
-
MD5
e68751554bff4b0b15fcaf0be95c94d3
-
SHA1
eda9f34581a26dc9d071b7cc8d01b64dff9658a3
-
SHA256
0d85f5eb6f2708aa00be2bab7520f9b4db08177a81279bb5f7334930264b785b
-
SHA512
e2d7b6bee3cbb70dfd07124bd9c7edf23b364f1faf58d1b2f5f50c2f402a17c5e87b8510c4fce4f14a4264323058cf71d78d958bfebac1c5605490f52ce6fb25
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-