Extracted

• • Target

    56146eaf36e94f63c3aa267da50b966c977e697219df6e6bbab96591c0531a8d

  • Size

    4.2MB

  • MD5

    6bb5ca02a0d6ddaf5466da634523d810

  • SHA1

    60cf5acfc85682d9c9c923de48a969b4bbe74b71

  • SHA256

    56146eaf36e94f63c3aa267da50b966c977e697219df6e6bbab96591c0531a8d

  • SHA512

    711f4a776f7906ded65b4a51f0378c5bb20b7cabf8dd0275b6595ed306904d761d3361a297184b826c4257f20effee398416fce669ebe7bb6ae68f013b8c14ab

  • SSDEEP

    6144:N29qRfVSndj30Bk+7D2q49FZvV7RWJJWJQWJnWJfWJIWJAJN1WJAJcWJAJxWJAJM:FRfQntCX9

  Score

  10^/10

  sakulapersistencerattrojan

  • Sakula

    Sakula is a remote access trojan with various capabilities.

    trojanratsakula

  • Sakula payload

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2