General
-
Target
0d15e11a7278f253ee8be5a59fb7a4ffbae3f1f0b314f02a9e29f8eccc8324f5
-
Size
60KB
-
Sample
220212-jf6p4shfc2
-
MD5
51e81941183e19dcc34a5d2fa1aaa1b3
-
SHA1
835a0feab695aabef26e8f5d135c4faf3306c7bf
-
SHA256
0d15e11a7278f253ee8be5a59fb7a4ffbae3f1f0b314f02a9e29f8eccc8324f5
-
SHA512
26e6f86d199b231d0772ad0e619c173adfd2121356cc43bc50dda3206a759f4664a0486d3d00b0942df66f62330f36b8410d62164c3ab2ce41d1058f134d4cb0
Malware Config
Targets
-
-
Target
0d15e11a7278f253ee8be5a59fb7a4ffbae3f1f0b314f02a9e29f8eccc8324f5
-
Size
60KB
-
MD5
51e81941183e19dcc34a5d2fa1aaa1b3
-
SHA1
835a0feab695aabef26e8f5d135c4faf3306c7bf
-
SHA256
0d15e11a7278f253ee8be5a59fb7a4ffbae3f1f0b314f02a9e29f8eccc8324f5
-
SHA512
26e6f86d199b231d0772ad0e619c173adfd2121356cc43bc50dda3206a759f4664a0486d3d00b0942df66f62330f36b8410d62164c3ab2ce41d1058f134d4cb0
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-