sakula | 2feda3b406e459fa22da191c9bd2593f6476bb52167895eae4b4be82b6d0540c | Triage

Submit
Reports

Overview

overview

Static

static

2feda3b406...0c.exe

windows7-x64

2feda3b406...0c.exe

windows10-2004-x64

Sharing

General

Target

2feda3b406e459fa22da191c9bd2593f6476bb52167895eae4b4be82b6d0540c
Size

101KB
Sample

230809-q69ysadd5s
MD5

31e86a3424261ddb573e49f4756bd004
SHA1

d90510ce9f324cf02be72002db685421af3c437d
SHA256

2feda3b406e459fa22da191c9bd2593f6476bb52167895eae4b4be82b6d0540c
SHA512

4e27b5009708d12cf72b42476e1b0101eb706c6784212872ffc70a70cb09364b45a3ba921c8eaf0ebd6d417460a08fa69695711efc7c13fadfa390565ae112af
SSDEEP

1536:0oaj1hJL1S9t0MIeboal8bCKxo7h0RP0IwHNz30rtroGCr2:P0hpgz6xGhTIwHF30BENr2

Score

10^/10

sakula persistence rat trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2feda3b406e459fa22da191c9bd2593f6476bb52167895eae4b4be82b6d0540c.exe

Resource

win7-20230712-en

sakula persistence rat trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2feda3b406e459fa22da191c9bd2593f6476bb52167895eae4b4be82b6d0540c.exe

Resource

win10v2004-20230703-en

sakula persistence rat trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2feda3b406e459fa22da191c9bd2593f6476bb52167895eae4b4be82b6d0540c
- Size
  
  101KB
- MD5
  
  31e86a3424261ddb573e49f4756bd004
- SHA1
  
  d90510ce9f324cf02be72002db685421af3c437d
- SHA256
  
  2feda3b406e459fa22da191c9bd2593f6476bb52167895eae4b4be82b6d0540c
- SHA512
  
  4e27b5009708d12cf72b42476e1b0101eb706c6784212872ffc70a70cb09364b45a3ba921c8eaf0ebd6d417460a08fa69695711efc7c13fadfa390565ae112af
- SSDEEP
  
  1536:0oaj1hJL1S9t0MIeboal8bCKxo7h0RP0IwHNz30rtroGCr2:P0hpgz6xGhTIwHF30BENr2
Score

10^/10

sakula persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Sakula payload
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

sakulapersistencerattrojan

behavioral2

sakulapersistencerattrojan

© 2018-2024

Terms | Privacy