sakula | e03cb9ab7ed78a4e0f90e05f708ce7588ba26b6a215718fc093c254fadceb3b0 | Triage

Submit
Reports

Overview

overview

Static

static

3

e03cb9ab7e...b0.exe

windows7-x64

e03cb9ab7e...b0.exe

windows10-2004-x64

Sharing

General

Target

e03cb9ab7ed78a4e0f90e05f708ce7588ba26b6a215718fc093c254fadceb3b0
Size

36KB
Sample

230809-pcwzdscg6y
MD5

84259579791819add5a93b5bde763f40
SHA1

6f9ab9c20337bc1d6fa99a3d29a9e65d4945cc1f
SHA256

e03cb9ab7ed78a4e0f90e05f708ce7588ba26b6a215718fc093c254fadceb3b0
SHA512

9cd0706c60ba5f461d7f2e6d62af2f15efed2964a321e5d8ba576763d1723ea679d84c21960df124c09b5a7e918aacab5ad08da999d9641d41804627de375424
SSDEEP

768:TwbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647D6:TwbYP4nuEApQK4TQbtY2gA9DX+ytBOI

Score

10^/10

sakula persistence rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e03cb9ab7ed78a4e0f90e05f708ce7588ba26b6a215718fc093c254fadceb3b0.exe

Resource

win7-20230712-en

sakula persistence rat trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

e03cb9ab7ed78a4e0f90e05f708ce7588ba26b6a215718fc093c254fadceb3b0.exe

Resource

win10v2004-20230703-en

sakula persistence rat trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  e03cb9ab7ed78a4e0f90e05f708ce7588ba26b6a215718fc093c254fadceb3b0
- Size
  
  36KB
- MD5
  
  84259579791819add5a93b5bde763f40
- SHA1
  
  6f9ab9c20337bc1d6fa99a3d29a9e65d4945cc1f
- SHA256
  
  e03cb9ab7ed78a4e0f90e05f708ce7588ba26b6a215718fc093c254fadceb3b0
- SHA512
  
  9cd0706c60ba5f461d7f2e6d62af2f15efed2964a321e5d8ba576763d1723ea679d84c21960df124c09b5a7e918aacab5ad08da999d9641d41804627de375424
- SSDEEP
  
  768:TwbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647D6:TwbYP4nuEApQK4TQbtY2gA9DX+ytBOI
Score

10^/10

sakula persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Sakula payload
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

sakulapersistencerattrojan

behavioral2

sakulapersistencerattrojan

© 2018-2024

Terms | Privacy