General
-
Target
060ad1c5f00918dcb8d16cbbb33a607e6b358ca7633fbaf4a8993049c3174b2b
-
Size
79KB
-
Sample
220212-mwtx2adafl
-
MD5
926b92dc7cd0cddd94dd74ceba617b8f
-
SHA1
e88ada0f17ee666d6d15b0baf26ca3a67ff739b7
-
SHA256
060ad1c5f00918dcb8d16cbbb33a607e6b358ca7633fbaf4a8993049c3174b2b
-
SHA512
a406881ac00d3db494d6063fc7bf25e8b7e042e3ed98e951f0b12581c8a209cef1b17fd433039f6abb853c96b45f981cc1565b16b76238f8b114d06d9e3cf748
Malware Config
Targets
-
-
Target
060ad1c5f00918dcb8d16cbbb33a607e6b358ca7633fbaf4a8993049c3174b2b
-
Size
79KB
-
MD5
926b92dc7cd0cddd94dd74ceba617b8f
-
SHA1
e88ada0f17ee666d6d15b0baf26ca3a67ff739b7
-
SHA256
060ad1c5f00918dcb8d16cbbb33a607e6b358ca7633fbaf4a8993049c3174b2b
-
SHA512
a406881ac00d3db494d6063fc7bf25e8b7e042e3ed98e951f0b12581c8a209cef1b17fd433039f6abb853c96b45f981cc1565b16b76238f8b114d06d9e3cf748
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-