General
-
Target
015857614259a0c646a6ec6c26e8ce47920b04c0c1ae033fd6c2cf542ddc0a6c
-
Size
58KB
-
Sample
220212-ppc22scce4
-
MD5
98522910f82f80611880380e09a8d852
-
SHA1
2a28ece15f24e357308a987e0bc11e55572d7a38
-
SHA256
015857614259a0c646a6ec6c26e8ce47920b04c0c1ae033fd6c2cf542ddc0a6c
-
SHA512
f60fd716927b4c3c8151eeaada65629989d8d282c7afe7accd925ab9cbb13cfe40b180bbfce0a651b070f65bba9bb22f991615eb51c5895322b4fc60a5146c87
Malware Config
Targets
-
-
Target
015857614259a0c646a6ec6c26e8ce47920b04c0c1ae033fd6c2cf542ddc0a6c
-
Size
58KB
-
MD5
98522910f82f80611880380e09a8d852
-
SHA1
2a28ece15f24e357308a987e0bc11e55572d7a38
-
SHA256
015857614259a0c646a6ec6c26e8ce47920b04c0c1ae033fd6c2cf542ddc0a6c
-
SHA512
f60fd716927b4c3c8151eeaada65629989d8d282c7afe7accd925ab9cbb13cfe40b180bbfce0a651b070f65bba9bb22f991615eb51c5895322b4fc60a5146c87
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-