General
-
Target
09745fd573a05d0699a4d1023cad4527842a42d7ee9a321802afe6a89f57412c
-
Size
101KB
-
Sample
220212-lmdc9aaga3
-
MD5
a557362b13542fff7e3d16c2020a5d19
-
SHA1
bb1dc06e6a6a8c84d97e192cb2c1a7420140565b
-
SHA256
09745fd573a05d0699a4d1023cad4527842a42d7ee9a321802afe6a89f57412c
-
SHA512
bfeecab907d77e85199858dba005c2dd0a8c445c6e415ce08ffa4d52802141c89647b947eb96606d471598cee47b7e45f5d2ffb1a766942435c405d2e926a09e
Malware Config
Targets
-
-
Target
09745fd573a05d0699a4d1023cad4527842a42d7ee9a321802afe6a89f57412c
-
Size
101KB
-
MD5
a557362b13542fff7e3d16c2020a5d19
-
SHA1
bb1dc06e6a6a8c84d97e192cb2c1a7420140565b
-
SHA256
09745fd573a05d0699a4d1023cad4527842a42d7ee9a321802afe6a89f57412c
-
SHA512
bfeecab907d77e85199858dba005c2dd0a8c445c6e415ce08ffa4d52802141c89647b947eb96606d471598cee47b7e45f5d2ffb1a766942435c405d2e926a09e
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-