sakula | 7b02367381c3312793f0edb4684a9732d207b55fdd70f2af974ae200e30368e3 | Triage

Sharing

General

Target

2025-04-11_8697dda4e1dcc722cbde1318d52dd14a_amadey_elex_rhadamanthys_sakula_smoke-loader
Size

92KB
Sample

250411-gry4as1pv5
MD5

8697dda4e1dcc722cbde1318d52dd14a
SHA1

1b895431083c47c00c20d2a7652c20a6d0f0381a
SHA256

7b02367381c3312793f0edb4684a9732d207b55fdd70f2af974ae200e30368e3
SHA512

da8c3ff87ac73196a5a1eb3bc6be56d4e7fb8119b0fdb47d74a5494d9e60184c7c7dd2a5efefae8caa412f2cfaf0aa05e19dda5d1b0cefc2d26ad518dfa3490d
SSDEEP

1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtrC:9bfVk29te2jqxCEtg30B+

Score

10^/10

sakula discovery persistence rat trojan

Malware Config

Extracted

Family

sakula

C2

www.savmpet.com

Targets

- Target
  
  2025-04-11_8697dda4e1dcc722cbde1318d52dd14a_amadey_elex_rhadamanthys_sakula_smoke-loader
- Size
  
  92KB
- MD5
  
  8697dda4e1dcc722cbde1318d52dd14a
- SHA1
  
  1b895431083c47c00c20d2a7652c20a6d0f0381a
- SHA256
  
  7b02367381c3312793f0edb4684a9732d207b55fdd70f2af974ae200e30368e3
- SHA512
  
  da8c3ff87ac73196a5a1eb3bc6be56d4e7fb8119b0fdb47d74a5494d9e60184c7c7dd2a5efefae8caa412f2cfaf0aa05e19dda5d1b0cefc2d26ad518dfa3490d
- SSDEEP
  
  1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtrC:9bfVk29te2jqxCEtg30B+
Score

10^/10

sakula discovery persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Sakula family
  sakula
- Sakula payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sakuladiscoverypersistencerattrojan