General
-
Target
06ce26eb5617bd73544cad22aa6b4321279ba1424352db83ae98fdbf29cf2aa3
-
Size
79KB
-
Sample
220212-ml1b3achel
-
MD5
2d376c0848914a23fb0462d55a5e9f63
-
SHA1
ad39c3233cec973bbf39797680ea35ad5fdcd666
-
SHA256
06ce26eb5617bd73544cad22aa6b4321279ba1424352db83ae98fdbf29cf2aa3
-
SHA512
82981d98c3219ab07899a4b84a076bbd85133e7fa9c74d207aea8e2e295cfd2548a9be5c3cff4989fd383bbfed75855f22266905c513b412867b3150262ed710
Malware Config
Targets
-
-
Target
06ce26eb5617bd73544cad22aa6b4321279ba1424352db83ae98fdbf29cf2aa3
-
Size
79KB
-
MD5
2d376c0848914a23fb0462d55a5e9f63
-
SHA1
ad39c3233cec973bbf39797680ea35ad5fdcd666
-
SHA256
06ce26eb5617bd73544cad22aa6b4321279ba1424352db83ae98fdbf29cf2aa3
-
SHA512
82981d98c3219ab07899a4b84a076bbd85133e7fa9c74d207aea8e2e295cfd2548a9be5c3cff4989fd383bbfed75855f22266905c513b412867b3150262ed710
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-