General
-
Target
05ce6dcdc17d4f4280d3493b016ad2e502d51b226d17f9fd784e3c7bc403b54b
-
Size
80KB
-
Sample
220212-m1cjjsdbal
-
MD5
9dbc69f66a801f8521b6a4f6beb59b3b
-
SHA1
81460e55b3c4125a147302ded0080af8e7a41838
-
SHA256
05ce6dcdc17d4f4280d3493b016ad2e502d51b226d17f9fd784e3c7bc403b54b
-
SHA512
a7c23decd04cdf8c39b8ed836d6fe2974b08460bb4ccec5fb9027e86330e46763d8a1151d857f2f2c2e92ae59b3074c656669122a32f775fa13d0635fa898e6e
Malware Config
Targets
-
-
Target
05ce6dcdc17d4f4280d3493b016ad2e502d51b226d17f9fd784e3c7bc403b54b
-
Size
80KB
-
MD5
9dbc69f66a801f8521b6a4f6beb59b3b
-
SHA1
81460e55b3c4125a147302ded0080af8e7a41838
-
SHA256
05ce6dcdc17d4f4280d3493b016ad2e502d51b226d17f9fd784e3c7bc403b54b
-
SHA512
a7c23decd04cdf8c39b8ed836d6fe2974b08460bb4ccec5fb9027e86330e46763d8a1151d857f2f2c2e92ae59b3074c656669122a32f775fa13d0635fa898e6e
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-