sakula | 962398a8148727431d8a651dcacbb972883559f651f19784a0a0cd9c30c63a2f | Triage

Sharing

General

Target

962398a8148727431d8a651dcacbb972883559f651f19784a0a0cd9c30c63a2f
Size

42KB
Sample

220326-d7673afha5
MD5

0df6396e7775f62dba90ff08a846cc34
SHA1

6bbc28cd80acc12f222c45b8ab93a7b34f0d6b48
SHA256

962398a8148727431d8a651dcacbb972883559f651f19784a0a0cd9c30c63a2f
SHA512

7f46b8d2b8f0281d249e626c9e1dcbffe1b8054ea926e3bbb53cceb029d40843a33c986bc6d17ebbec992b395cf288e2b61e37a3d42036eef9c5f1521e24c2df

Score

10^/10

sakula persistence rat trojan

Malware Config

Targets

- Target
  
  962398a8148727431d8a651dcacbb972883559f651f19784a0a0cd9c30c63a2f
- Size
  
  42KB
- MD5
  
  0df6396e7775f62dba90ff08a846cc34
- SHA1
  
  6bbc28cd80acc12f222c45b8ab93a7b34f0d6b48
- SHA256
  
  962398a8148727431d8a651dcacbb972883559f651f19784a0a0cd9c30c63a2f
- SHA512
  
  7f46b8d2b8f0281d249e626c9e1dcbffe1b8054ea926e3bbb53cceb029d40843a33c986bc6d17ebbec992b395cf288e2b61e37a3d42036eef9c5f1521e24c2df
Score

10^/10

sakula persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

sakulapersistencerattrojan

behavioral2

sakulapersistencerattrojan