sakula | 6a14c9c63b67a7a6890102782411d541875501cf8fb0c0311340816e3cfce412 | Triage

Sharing

General

Target

2025-04-11_26369b40620f8e5ed3119d499aa1e4a1_amadey_elex_rhadamanthys_sakula_smoke-loader
Size

92KB
Sample

250411-pyanaayyfv
MD5

26369b40620f8e5ed3119d499aa1e4a1
SHA1

6ea9f260ef61fa3104ad0ee4f85ce9419cdf7472
SHA256

6a14c9c63b67a7a6890102782411d541875501cf8fb0c0311340816e3cfce412
SHA512

7efcf2433a72f6725f953fb8a2eb5c42a4d97b93e07b067d1c4eceab5f58fcaa1adc450a7fb9fb13c4a75045ce756d8ad67ebe07b6d1980bf605d46556572aba
SSDEEP

1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtrR:9bfVk29te2jqxCEtg30Bt

Score

10^/10

sakula discovery persistence rat trojan

Malware Config

Extracted

Family

sakula

C2

www.savmpet.com

Targets

- Target
  
  2025-04-11_26369b40620f8e5ed3119d499aa1e4a1_amadey_elex_rhadamanthys_sakula_smoke-loader
- Size
  
  92KB
- MD5
  
  26369b40620f8e5ed3119d499aa1e4a1
- SHA1
  
  6ea9f260ef61fa3104ad0ee4f85ce9419cdf7472
- SHA256
  
  6a14c9c63b67a7a6890102782411d541875501cf8fb0c0311340816e3cfce412
- SHA512
  
  7efcf2433a72f6725f953fb8a2eb5c42a4d97b93e07b067d1c4eceab5f58fcaa1adc450a7fb9fb13c4a75045ce756d8ad67ebe07b6d1980bf605d46556572aba
- SSDEEP
  
  1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtrR:9bfVk29te2jqxCEtg30Bt
Score

10^/10

sakula discovery persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Sakula family
  sakula
- Sakula payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sakuladiscoverypersistencerattrojan