General
-
Target
08d3904bcae9fe43aaabb4b2e85ac0ead13d0b8361a77c51307cc7e4c365e681
-
Size
99KB
-
Sample
220212-lvzlfsagg9
-
MD5
5c0588a2d131503f90ce52023501dc85
-
SHA1
b4611a33715ac0d9a9101b45e706efe4b5cb5666
-
SHA256
08d3904bcae9fe43aaabb4b2e85ac0ead13d0b8361a77c51307cc7e4c365e681
-
SHA512
96e89e05fa38240b36934899d0d0c327d00f4621b61671d436185bcf50cde7b819bf08ead88c20eba22fba736b024c8e1db66179b5b706b9acb2841769f1a54c
Malware Config
Targets
-
-
Target
08d3904bcae9fe43aaabb4b2e85ac0ead13d0b8361a77c51307cc7e4c365e681
-
Size
99KB
-
MD5
5c0588a2d131503f90ce52023501dc85
-
SHA1
b4611a33715ac0d9a9101b45e706efe4b5cb5666
-
SHA256
08d3904bcae9fe43aaabb4b2e85ac0ead13d0b8361a77c51307cc7e4c365e681
-
SHA512
96e89e05fa38240b36934899d0d0c327d00f4621b61671d436185bcf50cde7b819bf08ead88c20eba22fba736b024c8e1db66179b5b706b9acb2841769f1a54c
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-