General
-
Target
070fbc5c10adfb718bb30092d09f99fdbb62ec3f89dfc7c14af2ca5c19c6b9e9
-
Size
58KB
-
Sample
220212-mje84schbm
-
MD5
a232833b1e1dfeb2eeee5662d547587a
-
SHA1
7165cac9418f75245859f37de3352c47905102bd
-
SHA256
070fbc5c10adfb718bb30092d09f99fdbb62ec3f89dfc7c14af2ca5c19c6b9e9
-
SHA512
9f7317fbe0b41dde42aa642ad4575f21e18888816c9a7167c71e943bb0558c5fb9eac3e90efdc63cff24a3256217ae1d8666dc9958ffb85ad245740efd1851a1
Malware Config
Targets
-
-
Target
070fbc5c10adfb718bb30092d09f99fdbb62ec3f89dfc7c14af2ca5c19c6b9e9
-
Size
58KB
-
MD5
a232833b1e1dfeb2eeee5662d547587a
-
SHA1
7165cac9418f75245859f37de3352c47905102bd
-
SHA256
070fbc5c10adfb718bb30092d09f99fdbb62ec3f89dfc7c14af2ca5c19c6b9e9
-
SHA512
9f7317fbe0b41dde42aa642ad4575f21e18888816c9a7167c71e943bb0558c5fb9eac3e90efdc63cff24a3256217ae1d8666dc9958ffb85ad245740efd1851a1
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-