General
-
Target
00070fe0fe6962fa10a1baed2d7c30252be6b42b4a514d4dbe65b55590b0b1f9
-
Size
100KB
-
Sample
220212-p46ynsecdk
-
MD5
ceb48121c589937a7944e798704a0eee
-
SHA1
70c7fbb325eabb3c2553cef87fd20618a66528b9
-
SHA256
00070fe0fe6962fa10a1baed2d7c30252be6b42b4a514d4dbe65b55590b0b1f9
-
SHA512
69be5eddba49d49204ab8dcf7c1bf254347aa066b6e827308eb5ecabcc87c24579e22b2817e3f43273549b2a9f7dfb912b0b20ab30e1025557e6233c15d1ec31
Malware Config
Targets
-
-
Target
00070fe0fe6962fa10a1baed2d7c30252be6b42b4a514d4dbe65b55590b0b1f9
-
Size
100KB
-
MD5
ceb48121c589937a7944e798704a0eee
-
SHA1
70c7fbb325eabb3c2553cef87fd20618a66528b9
-
SHA256
00070fe0fe6962fa10a1baed2d7c30252be6b42b4a514d4dbe65b55590b0b1f9
-
SHA512
69be5eddba49d49204ab8dcf7c1bf254347aa066b6e827308eb5ecabcc87c24579e22b2817e3f43273549b2a9f7dfb912b0b20ab30e1025557e6233c15d1ec31
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-