General
-
Target
0c4bb761d576afcb72bbed9b707d5cac6cc2cc2d14a7a830d10d5bd3a02eb1c5
-
Size
36KB
-
Sample
220212-jrze6sbdcp
-
MD5
3248826e8a19b42a30b97ddcdc2e6d7e
-
SHA1
a90c2c55fa49d8ba2cf613f1886a08983335a3b4
-
SHA256
0c4bb761d576afcb72bbed9b707d5cac6cc2cc2d14a7a830d10d5bd3a02eb1c5
-
SHA512
132fb2f1b3705e8c546d1975a5145370cf1082d4cd0f5ad7735719b087514ecd0ddc05e03a12dcf811bf8e566a0fee819cfa2dd423753395ff621157916ab311
Malware Config
Targets
-
-
Target
0c4bb761d576afcb72bbed9b707d5cac6cc2cc2d14a7a830d10d5bd3a02eb1c5
-
Size
36KB
-
MD5
3248826e8a19b42a30b97ddcdc2e6d7e
-
SHA1
a90c2c55fa49d8ba2cf613f1886a08983335a3b4
-
SHA256
0c4bb761d576afcb72bbed9b707d5cac6cc2cc2d14a7a830d10d5bd3a02eb1c5
-
SHA512
132fb2f1b3705e8c546d1975a5145370cf1082d4cd0f5ad7735719b087514ecd0ddc05e03a12dcf811bf8e566a0fee819cfa2dd423753395ff621157916ab311
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-