sakula | dfff15bafd692a0fdaba1112db5e45bf833beded493f1f97f4264b175ade1a1c | Triage

Resubmissions

22-02-2022 12:38

220222-pt2afaaabn 10

06-07-2020 07:26

200706-je7e9l28s2 1

Sharing

General

Target

dfff15bafd692a0fdaba1112db5e45bf833beded493f1f97f4264b175ade1a1c
Size

77KB
Sample

220222-pt2afaaabn
MD5

cce983f04093a936e29dbf1d7078bc53
SHA1

619637bdcb8ed1a59e36e6badd1a189bdb35bc2f
SHA256

dfff15bafd692a0fdaba1112db5e45bf833beded493f1f97f4264b175ade1a1c
SHA512

2d84b360e7d5c636b5a893de51a2bc49392731660562be5a1117f9924d6e3f872d74af6a279b71fbb4cb4b1430ca02395d5e160a945d125cf1d3fef9b615d0a5

Score

10^/10

sakula persistence rat suricata trojan

Malware Config

Targets

- Target
  
  dfff15bafd692a0fdaba1112db5e45bf833beded493f1f97f4264b175ade1a1c
- Size
  
  77KB
- MD5
  
  cce983f04093a936e29dbf1d7078bc53
- SHA1
  
  619637bdcb8ed1a59e36e6badd1a189bdb35bc2f
- SHA256
  
  dfff15bafd692a0fdaba1112db5e45bf833beded493f1f97f4264b175ade1a1c
- SHA512
  
  2d84b360e7d5c636b5a893de51a2bc49392731660562be5a1117f9924d6e3f872d74af6a279b71fbb4cb4b1430ca02395d5e160a945d125cf1d3fef9b615d0a5
Score

10^/10

sakula persistence rat suricata trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- suricata: ET MALWARE Possible DEEP PANDA C2 Activity
  suricata: ET MALWARE Possible DEEP PANDA C2 Activity
  suricata
- suricata: ET MALWARE Possible Deep Panda - Sakula/Mivast RAT CnC Beacon 5
  suricata: ET MALWARE Possible Deep Panda - Sakula/Mivast RAT CnC Beacon 5
  suricata
- suricata: ET MALWARE Sakula/Mivast C2 Activity
  suricata: ET MALWARE Sakula/Mivast C2 Activity
  suricata
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sakulapersistenceratsuricatatrojan

behavioral2

sakulapersistenceratsuricatatrojan

behavioral3

sakulapersistenceratsuricatatrojan