General
-
Target
0c6fb3310af51d4c7d6e07310c9071f1a1e6a0466a4c439f35b665064c7f4fb3
-
Size
80KB
-
Sample
220212-jqzpjshgd5
-
MD5
7b5f0653feb0039d983294ec95540060
-
SHA1
1c65b55de285009beecbbce0df811bad3d7d281d
-
SHA256
0c6fb3310af51d4c7d6e07310c9071f1a1e6a0466a4c439f35b665064c7f4fb3
-
SHA512
5ca7cbc3f9f794d0d5a34f38d96f1569d05371751362a4b37e3a9ee4384a34fe0339296575d2ba35e77e5e103d6d0f477d01ccdce2f4a68db540d35fbb50b06d
Malware Config
Targets
-
-
Target
0c6fb3310af51d4c7d6e07310c9071f1a1e6a0466a4c439f35b665064c7f4fb3
-
Size
80KB
-
MD5
7b5f0653feb0039d983294ec95540060
-
SHA1
1c65b55de285009beecbbce0df811bad3d7d281d
-
SHA256
0c6fb3310af51d4c7d6e07310c9071f1a1e6a0466a4c439f35b665064c7f4fb3
-
SHA512
5ca7cbc3f9f794d0d5a34f38d96f1569d05371751362a4b37e3a9ee4384a34fe0339296575d2ba35e77e5e103d6d0f477d01ccdce2f4a68db540d35fbb50b06d
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-