sakula | d0302a0131a63bc7e5dd3b810ee0a648356f066b5e502180fe875f3b70584af6 | Triage

Sharing

General

Target

2025-04-12_2aabd8058c7cba9a6091fde268273b1c_amadey_elex_rhadamanthys_sakula_smoke-loader
Size

92KB
Sample

250412-bmbjjstwdt
MD5

2aabd8058c7cba9a6091fde268273b1c
SHA1

82bf5cee9c32e654b56113aa43845331296bd1d4
SHA256

d0302a0131a63bc7e5dd3b810ee0a648356f066b5e502180fe875f3b70584af6
SHA512

4d33f2de5d16e9dd910dac70701775b8dd32321a2f03e5b4286f88072ef079584a680899387408c020f4b57c9aeb173cb27e1f3759fe2626f3bdac05ba72916c
SSDEEP

1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtra:9bfVk29te2jqxCEtg30BG

Score

10^/10

sakula discovery persistence rat trojan

Malware Config

Extracted

Family

sakula

C2

www.savmpet.com

Targets

- Target
  
  2025-04-12_2aabd8058c7cba9a6091fde268273b1c_amadey_elex_rhadamanthys_sakula_smoke-loader
- Size
  
  92KB
- MD5
  
  2aabd8058c7cba9a6091fde268273b1c
- SHA1
  
  82bf5cee9c32e654b56113aa43845331296bd1d4
- SHA256
  
  d0302a0131a63bc7e5dd3b810ee0a648356f066b5e502180fe875f3b70584af6
- SHA512
  
  4d33f2de5d16e9dd910dac70701775b8dd32321a2f03e5b4286f88072ef079584a680899387408c020f4b57c9aeb173cb27e1f3759fe2626f3bdac05ba72916c
- SSDEEP
  
  1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtra:9bfVk29te2jqxCEtg30BG
Score

10^/10

sakula discovery persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Sakula family
  sakula
- Sakula payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sakuladiscoverypersistencerattrojan