General
-
Target
096755742c433ec53a45396b132ed9e354f1a3285a9405b6db10ff1acb0f8e28
-
Size
192KB
-
Sample
220212-lmv83aaga5
-
MD5
484d6bdf262b4acf20f8bfc0268740cb
-
SHA1
69471aff726c9b8a3b62d83e7204f7cb8779e1c7
-
SHA256
096755742c433ec53a45396b132ed9e354f1a3285a9405b6db10ff1acb0f8e28
-
SHA512
ca89511ee306529bdd341cc45ee0065295dfdc658a6ff794d142d4a91d666eed9b99aa96e4c5e95d60cfe9c14d54d5c081b57d58bdd5c88a4dcc1c1ef4e30a26
Malware Config
Targets
-
-
Target
096755742c433ec53a45396b132ed9e354f1a3285a9405b6db10ff1acb0f8e28
-
Size
192KB
-
MD5
484d6bdf262b4acf20f8bfc0268740cb
-
SHA1
69471aff726c9b8a3b62d83e7204f7cb8779e1c7
-
SHA256
096755742c433ec53a45396b132ed9e354f1a3285a9405b6db10ff1acb0f8e28
-
SHA512
ca89511ee306529bdd341cc45ee0065295dfdc658a6ff794d142d4a91d666eed9b99aa96e4c5e95d60cfe9c14d54d5c081b57d58bdd5c88a4dcc1c1ef4e30a26
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-