sakula | cf3fca9eb76d6f43a5ff94bf645fc27272be2eee0c95a04d78f0bb0e76472895 | Triage

Sharing

General

Target

2025-04-14_ec6abd8f8a46184f6f168d76c9f2a446_amadey_elex_karagany_rhadamanthys_sakula_smoke-loader
Size

324KB
Sample

250414-3ppmqsy1g1
MD5

ec6abd8f8a46184f6f168d76c9f2a446
SHA1

a2d612791944d7b833bdc84ec644e73c2206039a
SHA256

cf3fca9eb76d6f43a5ff94bf645fc27272be2eee0c95a04d78f0bb0e76472895
SHA512

687ea01d7c475914c421149a5b29e013442c0ce67cff10abec456497764873a6e6d9c9628c2e90b1d991e5c6fb9cca58730c266a52e151a96d96abf39e915600
SSDEEP

1536:2oaj1hJL1S9t0MIeboal8bCKxo7h0RPFjw0Vz30rtrRLeBsCXKTnhxJS:h0hpgz6xGhyjw0N30BlyBsZh6

Score

10^/10

sakula discovery persistence rat trojan

Malware Config

Targets

- Target
  
  2025-04-14_ec6abd8f8a46184f6f168d76c9f2a446_amadey_elex_karagany_rhadamanthys_sakula_smoke-loader
- Size
  
  324KB
- MD5
  
  ec6abd8f8a46184f6f168d76c9f2a446
- SHA1
  
  a2d612791944d7b833bdc84ec644e73c2206039a
- SHA256
  
  cf3fca9eb76d6f43a5ff94bf645fc27272be2eee0c95a04d78f0bb0e76472895
- SHA512
  
  687ea01d7c475914c421149a5b29e013442c0ce67cff10abec456497764873a6e6d9c9628c2e90b1d991e5c6fb9cca58730c266a52e151a96d96abf39e915600
- SSDEEP
  
  1536:2oaj1hJL1S9t0MIeboal8bCKxo7h0RPFjw0Vz30rtrRLeBsCXKTnhxJS:h0hpgz6xGhyjw0N30BlyBsZh6
Score

10^/10

sakula discovery persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Sakula family
  sakula
- Sakula payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sakuladiscoverypersistencerattrojan