General
-
Target
0273ba88e2a095b47a1d6ad432e24414860347a209f4ff3a50d74e80f83eb425
-
Size
216KB
-
Sample
220212-panj8scah6
-
MD5
f8f0560a499459d9c92605a08e8ec6a9
-
SHA1
7e11931757735d1b6e352c32efc8c5b5f32d3e61
-
SHA256
0273ba88e2a095b47a1d6ad432e24414860347a209f4ff3a50d74e80f83eb425
-
SHA512
9b2cf92121de613ed7d13a72ffc6a2e262ba7e52460e98758b9a73a99d4efb005b209f6b9b31a16d539b96c5ae3ae4a6c3c89dfccebc96aa9e79a29df9f65e8f
Malware Config
Targets
-
-
Target
0273ba88e2a095b47a1d6ad432e24414860347a209f4ff3a50d74e80f83eb425
-
Size
216KB
-
MD5
f8f0560a499459d9c92605a08e8ec6a9
-
SHA1
7e11931757735d1b6e352c32efc8c5b5f32d3e61
-
SHA256
0273ba88e2a095b47a1d6ad432e24414860347a209f4ff3a50d74e80f83eb425
-
SHA512
9b2cf92121de613ed7d13a72ffc6a2e262ba7e52460e98758b9a73a99d4efb005b209f6b9b31a16d539b96c5ae3ae4a6c3c89dfccebc96aa9e79a29df9f65e8f
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-