General
-
Target
098e95f77bbb1aa8ee0125920c0c423bad8ac0425fe8a3d7e5cb0aae275d4382
-
Size
58KB
-
Sample
220212-lkf2csaff8
-
MD5
056beb449b8588a0580792a95b0c9d27
-
SHA1
a544af8d0f53b20c18e914f6e39f98bfcb59acbf
-
SHA256
098e95f77bbb1aa8ee0125920c0c423bad8ac0425fe8a3d7e5cb0aae275d4382
-
SHA512
415c0c3bd2182ee4792537c2309aa14c2428065fdb82c6fb015569ade98a8adf47019efb0b7e107dafdde37836240da71e922b644b11038f59d0465fbad67a2a
Malware Config
Targets
-
-
Target
098e95f77bbb1aa8ee0125920c0c423bad8ac0425fe8a3d7e5cb0aae275d4382
-
Size
58KB
-
MD5
056beb449b8588a0580792a95b0c9d27
-
SHA1
a544af8d0f53b20c18e914f6e39f98bfcb59acbf
-
SHA256
098e95f77bbb1aa8ee0125920c0c423bad8ac0425fe8a3d7e5cb0aae275d4382
-
SHA512
415c0c3bd2182ee4792537c2309aa14c2428065fdb82c6fb015569ade98a8adf47019efb0b7e107dafdde37836240da71e922b644b11038f59d0465fbad67a2a
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-