sakula | 7fe9a70dac924f1d4b49dbf8a23b4b5ea087b323ea505b7bb4ee8d4e462a5046 | Triage

Submit
Reports

Overview

overview

Static

static

8

7fe9a70dac...46.exe

windows7-x64

7fe9a70dac...46.exe

windows10-2004-x64

Sharing

General

Target

7fe9a70dac924f1d4b49dbf8a23b4b5ea087b323ea505b7bb4ee8d4e462a5046
Size

39KB
Sample

220731-h4caqsebd6
MD5

983c610a270131e913ad48d2dd5b82eb
SHA1

6dc58e7e5c5663bb22b9db2e3926fe8f18e0c9aa
SHA256

7fe9a70dac924f1d4b49dbf8a23b4b5ea087b323ea505b7bb4ee8d4e462a5046
SHA512

dfbd56e772a0392ee466d576be8ac7b353c63e564f9c6f06368d02dde1f0c2b805f8195a26a83fcddab6bdba3a421a3b6e90b27208c17a2fe929ee394354a699

Score

10^/10

sakula persistence rat trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7fe9a70dac924f1d4b49dbf8a23b4b5ea087b323ea505b7bb4ee8d4e462a5046.exe

Resource

win7-20220715-en

sakula persistence rat trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

7fe9a70dac924f1d4b49dbf8a23b4b5ea087b323ea505b7bb4ee8d4e462a5046.exe

Resource

win10v2004-20220721-en

sakula persistence rat trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  7fe9a70dac924f1d4b49dbf8a23b4b5ea087b323ea505b7bb4ee8d4e462a5046
- Size
  
  39KB
- MD5
  
  983c610a270131e913ad48d2dd5b82eb
- SHA1
  
  6dc58e7e5c5663bb22b9db2e3926fe8f18e0c9aa
- SHA256
  
  7fe9a70dac924f1d4b49dbf8a23b4b5ea087b323ea505b7bb4ee8d4e462a5046
- SHA512
  
  dfbd56e772a0392ee466d576be8ac7b353c63e564f9c6f06368d02dde1f0c2b805f8195a26a83fcddab6bdba3a421a3b6e90b27208c17a2fe929ee394354a699
Score

10^/10

sakula persistence rat trojan upx
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

sakulapersistencerattrojanupx

behavioral2

sakulapersistencerattrojanupx

© 2018-2024

Terms | Privacy