General
-
Target
568292d2e4101ca0c263f906e97344a4_JC.exe
-
Size
79KB
-
Sample
231003-v49bpagb49
-
MD5
568292d2e4101ca0c263f906e97344a4
-
SHA1
fe6f39e1defd2197b139a26b7c4fd9601aade0b3
-
SHA256
75dcbf5b364ce82e5a58d265a73b95f3613da09f421391a7b1576fa475fe36fb
-
SHA512
3c090d41dc887516bf212f8f9bf885f9d5970d8a467d71dbd1cb516ba4cf2e6a9dc7b169afb658b9ab2972dea0f9559e4dbb95bffdc7edf0967369f9e9f6dba9
-
SSDEEP
1536:MSoaj1hJL1S9t0MIeboal8bCKxo7h0RP0jwHVz30rtro+:M90hpgz6xGhTjwHN30BE+
Malware Config
Targets
-
-
Target
568292d2e4101ca0c263f906e97344a4_JC.exe
-
Size
79KB
-
MD5
568292d2e4101ca0c263f906e97344a4
-
SHA1
fe6f39e1defd2197b139a26b7c4fd9601aade0b3
-
SHA256
75dcbf5b364ce82e5a58d265a73b95f3613da09f421391a7b1576fa475fe36fb
-
SHA512
3c090d41dc887516bf212f8f9bf885f9d5970d8a467d71dbd1cb516ba4cf2e6a9dc7b169afb658b9ab2972dea0f9559e4dbb95bffdc7edf0967369f9e9f6dba9
-
SSDEEP
1536:MSoaj1hJL1S9t0MIeboal8bCKxo7h0RP0jwHVz30rtro+:M90hpgz6xGhTjwHN30BE+
Score10/10-
Sakula
Sakula is a remote access trojan with various capabilities.
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-