General
-
Target
09afb02a9d645b6b6dd38d969bde96becb959e23f04f6dcb5ea7e44b6b7c6844
-
Size
216KB
-
Sample
220212-lja4qaafe5
-
MD5
851773e63e4cf5d828506b9e6b979ac5
-
SHA1
796eac7057f861e1d13963ca3d3a54ff8aa365d3
-
SHA256
09afb02a9d645b6b6dd38d969bde96becb959e23f04f6dcb5ea7e44b6b7c6844
-
SHA512
898f41cac4a13780d7add3c42c30153cb630c8c21be060add1b2b785df283e9164bbd96635ff1686a8c013af32b0490d646422bfad328c53831d0ff049ecc5b5
Malware Config
Targets
-
-
Target
09afb02a9d645b6b6dd38d969bde96becb959e23f04f6dcb5ea7e44b6b7c6844
-
Size
216KB
-
MD5
851773e63e4cf5d828506b9e6b979ac5
-
SHA1
796eac7057f861e1d13963ca3d3a54ff8aa365d3
-
SHA256
09afb02a9d645b6b6dd38d969bde96becb959e23f04f6dcb5ea7e44b6b7c6844
-
SHA512
898f41cac4a13780d7add3c42c30153cb630c8c21be060add1b2b785df283e9164bbd96635ff1686a8c013af32b0490d646422bfad328c53831d0ff049ecc5b5
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-