General
-
Target
060882244b236b5b75786f910c4f7cc0f75cbaef56cdee71d65845552c548e57
-
Size
104KB
-
Sample
220212-mw3vyabdd3
-
MD5
7a4628468c873ac4fd34de9975276e7f
-
SHA1
ee60da3b190c0b89f6a085e62a838cfa3bf1830d
-
SHA256
060882244b236b5b75786f910c4f7cc0f75cbaef56cdee71d65845552c548e57
-
SHA512
e881c933785b9129557c6545b9acf46b13cd3c97d18df99bb3347bc641bf02be345bced75a387115b9fb1b7cd55f0fc17288f0ea6e863914d736547bde7dbe45
Malware Config
Targets
-
-
Target
060882244b236b5b75786f910c4f7cc0f75cbaef56cdee71d65845552c548e57
-
Size
104KB
-
MD5
7a4628468c873ac4fd34de9975276e7f
-
SHA1
ee60da3b190c0b89f6a085e62a838cfa3bf1830d
-
SHA256
060882244b236b5b75786f910c4f7cc0f75cbaef56cdee71d65845552c548e57
-
SHA512
e881c933785b9129557c6545b9acf46b13cd3c97d18df99bb3347bc641bf02be345bced75a387115b9fb1b7cd55f0fc17288f0ea6e863914d736547bde7dbe45
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-