General
-
Target
06032ab199a962ebafe6e6291ae1ab5537ca194d7b568649dfee536c3653c08f
-
Size
58KB
-
Sample
220212-mxk2hsbde4
-
MD5
bcdcd419098f734cff44fbf00dec8f85
-
SHA1
9e3393b5393e0f27845bdf08b3c186f4452128f9
-
SHA256
06032ab199a962ebafe6e6291ae1ab5537ca194d7b568649dfee536c3653c08f
-
SHA512
1b4595d3e33082f9f722a18d596cfde329233fea138dbeefff77a45b2571363d9c31352fa4acb1527a1ba90fa7a6248cceff8cf5f614004f391b06c06ac704d8
Malware Config
Targets
-
-
Target
06032ab199a962ebafe6e6291ae1ab5537ca194d7b568649dfee536c3653c08f
-
Size
58KB
-
MD5
bcdcd419098f734cff44fbf00dec8f85
-
SHA1
9e3393b5393e0f27845bdf08b3c186f4452128f9
-
SHA256
06032ab199a962ebafe6e6291ae1ab5537ca194d7b568649dfee536c3653c08f
-
SHA512
1b4595d3e33082f9f722a18d596cfde329233fea138dbeefff77a45b2571363d9c31352fa4acb1527a1ba90fa7a6248cceff8cf5f614004f391b06c06ac704d8
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-