General
-
Target
0bd9866ebf0aacd07429ec32f9a8e4aef2580e47132ee2769fff3df95cb5282f
-
Size
176KB
-
Sample
220212-jxmcsshhb6
-
MD5
4f2e7a99aed5c9edf13fce5053d845c4
-
SHA1
05c2652699221730887ac7f3cf0e2c3595b438be
-
SHA256
0bd9866ebf0aacd07429ec32f9a8e4aef2580e47132ee2769fff3df95cb5282f
-
SHA512
3ef8897e3e8a52c4bd7b456687a10e4e683686d4c5911cbf9889d74f6bca9bb540bc448d1cbea9596423aef1721831925c909aebeba9e14fff83b8fc63926076
Malware Config
Targets
-
-
Target
0bd9866ebf0aacd07429ec32f9a8e4aef2580e47132ee2769fff3df95cb5282f
-
Size
176KB
-
MD5
4f2e7a99aed5c9edf13fce5053d845c4
-
SHA1
05c2652699221730887ac7f3cf0e2c3595b438be
-
SHA256
0bd9866ebf0aacd07429ec32f9a8e4aef2580e47132ee2769fff3df95cb5282f
-
SHA512
3ef8897e3e8a52c4bd7b456687a10e4e683686d4c5911cbf9889d74f6bca9bb540bc448d1cbea9596423aef1721831925c909aebeba9e14fff83b8fc63926076
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-