sakula | 383cc488d1daaa2fac200084d22e8c42a75ee3298d533541c89d29eaec980d3f | Triage

Sharing

General

Target

2025-04-13_12e5986e26f2671814bf77173e9dd4e6_amadey_elex_rhadamanthys_sakula_smoke-loader
Size

92KB
Sample

250413-3s9gbaw1as
MD5

12e5986e26f2671814bf77173e9dd4e6
SHA1

d965cefe1a1616ba8aae928b8d7a664467c06ac2
SHA256

383cc488d1daaa2fac200084d22e8c42a75ee3298d533541c89d29eaec980d3f
SHA512

1635f93c50ec9f325e76b9aa6d8dc6e4509b95847946b9da1e98d3132a34cf638730e6922efb8be5fdc549ed9a1359d56d9203a15d413084edbebae91ea3ea44
SSDEEP

1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtrr:9bfVk29te2jqxCEtg30Bf

Score

10^/10

sakula discovery persistence rat trojan

Malware Config

Extracted

Family

sakula

C2

www.savmpet.com

Targets

- Target
  
  2025-04-13_12e5986e26f2671814bf77173e9dd4e6_amadey_elex_rhadamanthys_sakula_smoke-loader
- Size
  
  92KB
- MD5
  
  12e5986e26f2671814bf77173e9dd4e6
- SHA1
  
  d965cefe1a1616ba8aae928b8d7a664467c06ac2
- SHA256
  
  383cc488d1daaa2fac200084d22e8c42a75ee3298d533541c89d29eaec980d3f
- SHA512
  
  1635f93c50ec9f325e76b9aa6d8dc6e4509b95847946b9da1e98d3132a34cf638730e6922efb8be5fdc549ed9a1359d56d9203a15d413084edbebae91ea3ea44
- SSDEEP
  
  1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtrr:9bfVk29te2jqxCEtg30Bf
Score

10^/10

sakula discovery persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Sakula family
  sakula
- Sakula payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sakuladiscoverypersistencerattrojan