sakula | 05adf712a9c938377cce214ede0b13d627f656d0a929b2734528d4254cd30e9d | Triage

Submit
Reports

Overview

overview

Static

static

05adf712a9...9d.exe

windows7_x64

05adf712a9...9d.exe

windows10-2004_x64

Sharing

General

Target

05adf712a9c938377cce214ede0b13d627f656d0a929b2734528d4254cd30e9d
Size

60KB
Sample

220212-m2eqasbea6
MD5

e6303b6b0a1eeea73b6d1f81995123b3
SHA1

60014e56013b00f1e6bd7cf486e34a1a46f8ba73
SHA256

05adf712a9c938377cce214ede0b13d627f656d0a929b2734528d4254cd30e9d
SHA512

24a097c88968f1aa2847dc2bd41f95f17018aca4e2b2f6850ad6199ee9074fb85db048a881789569c552ec496b6367f70a8be5641f1a5cada769ae6d61bd3a2d

Score

10^/10

sakula persistence rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

05adf712a9c938377cce214ede0b13d627f656d0a929b2734528d4254cd30e9d.exe

Resource

win7-en-20211208

sakula persistence rat trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

05adf712a9c938377cce214ede0b13d627f656d0a929b2734528d4254cd30e9d.exe

Resource

win10v2004-en-20220112

sakula persistence rat trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  05adf712a9c938377cce214ede0b13d627f656d0a929b2734528d4254cd30e9d
- Size
  
  60KB
- MD5
  
  e6303b6b0a1eeea73b6d1f81995123b3
- SHA1
  
  60014e56013b00f1e6bd7cf486e34a1a46f8ba73
- SHA256
  
  05adf712a9c938377cce214ede0b13d627f656d0a929b2734528d4254cd30e9d
- SHA512
  
  24a097c88968f1aa2847dc2bd41f95f17018aca4e2b2f6850ad6199ee9074fb85db048a881789569c552ec496b6367f70a8be5641f1a5cada769ae6d61bd3a2d
Score

10^/10

sakula persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sakulapersistencerattrojan

behavioral2

sakulapersistencerattrojan

© 2018-2024

Terms | Privacy