General
-
Target
02068001c8fa9369f1953c9f55cae012c6fdc4fa82b55373211d53d42b10d144
-
Size
35KB
-
Sample
220212-pfvwhadhdq
-
MD5
cdf5adf29915197a7971e6e108996847
-
SHA1
4b0b5e715d00e8e29413ad2b9f5bd5d1d3ce0733
-
SHA256
02068001c8fa9369f1953c9f55cae012c6fdc4fa82b55373211d53d42b10d144
-
SHA512
ef5e37c7e057572739478c77e28ba1fdaeac7140f222fad7aa612d1c0f36594de4de6c7c8c13a197cdc032da8365630bb58371eb122adf2b95791d1fd011015b
Malware Config
Targets
-
-
Target
02068001c8fa9369f1953c9f55cae012c6fdc4fa82b55373211d53d42b10d144
-
Size
35KB
-
MD5
cdf5adf29915197a7971e6e108996847
-
SHA1
4b0b5e715d00e8e29413ad2b9f5bd5d1d3ce0733
-
SHA256
02068001c8fa9369f1953c9f55cae012c6fdc4fa82b55373211d53d42b10d144
-
SHA512
ef5e37c7e057572739478c77e28ba1fdaeac7140f222fad7aa612d1c0f36594de4de6c7c8c13a197cdc032da8365630bb58371eb122adf2b95791d1fd011015b
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-