General
-
Target
070debefff3c4bb58a5c46cda624f2a5c61688aac065e10db36cc8e508454709
-
Size
99KB
-
Sample
220212-mjj73achbn
-
MD5
7ae7dd73bf0d896d5536798a51d91366
-
SHA1
286cb6b952007c24f9cc0d7928987bc7a6972559
-
SHA256
070debefff3c4bb58a5c46cda624f2a5c61688aac065e10db36cc8e508454709
-
SHA512
0ff80e510a77a4af6b9478803a9fca50e46e896d25b1257f625b73d74fdee19eaa13089791ec6b79104a56a06944fc17b373b4d9b3b16224e14bd47fbac26435
Malware Config
Targets
-
-
Target
070debefff3c4bb58a5c46cda624f2a5c61688aac065e10db36cc8e508454709
-
Size
99KB
-
MD5
7ae7dd73bf0d896d5536798a51d91366
-
SHA1
286cb6b952007c24f9cc0d7928987bc7a6972559
-
SHA256
070debefff3c4bb58a5c46cda624f2a5c61688aac065e10db36cc8e508454709
-
SHA512
0ff80e510a77a4af6b9478803a9fca50e46e896d25b1257f625b73d74fdee19eaa13089791ec6b79104a56a06944fc17b373b4d9b3b16224e14bd47fbac26435
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-