General
-
Target
0d29f5cfedbb11a76a9ba4bd161368bba2ffbeaa76877e5b97b03f088e076b9f
-
Size
101KB
-
Sample
220212-je9qdabbfn
-
MD5
d730522c7fe34139c353f11347daf56f
-
SHA1
b8f9403a0b7e65730f913e908f1fe5ae1f26ec56
-
SHA256
0d29f5cfedbb11a76a9ba4bd161368bba2ffbeaa76877e5b97b03f088e076b9f
-
SHA512
9862d35601a8ad5355fd50b2046a3d325e529d8e91daea880d30ed306ce8f9e322b0cc49933b6ec023166f98cd502632993389439fbc76dad11402fa468c8c79
Malware Config
Targets
-
-
Target
0d29f5cfedbb11a76a9ba4bd161368bba2ffbeaa76877e5b97b03f088e076b9f
-
Size
101KB
-
MD5
d730522c7fe34139c353f11347daf56f
-
SHA1
b8f9403a0b7e65730f913e908f1fe5ae1f26ec56
-
SHA256
0d29f5cfedbb11a76a9ba4bd161368bba2ffbeaa76877e5b97b03f088e076b9f
-
SHA512
9862d35601a8ad5355fd50b2046a3d325e529d8e91daea880d30ed306ce8f9e322b0cc49933b6ec023166f98cd502632993389439fbc76dad11402fa468c8c79
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-