sakula | 5e3bbf5143dc96dafa2b9c4a6c91a1538441e93ece329dbe3b4c7311eec62d5b | Triage

Sharing

General

Target

2025-04-15_f4cb1225b413c5e29fbf3da5c77a8fca_amadey_elex_rhadamanthys_sakula_smoke-loader
Size

92KB
Sample

250415-f7vkdasyet
MD5

f4cb1225b413c5e29fbf3da5c77a8fca
SHA1

c14e515babc44e33148dc693ba78617351cff709
SHA256

5e3bbf5143dc96dafa2b9c4a6c91a1538441e93ece329dbe3b4c7311eec62d5b
SHA512

2c3afb8ff9c4c0bdf7619017100069da8b390ba1813f600bf8b22ee7cb3976e8a7fea370168263a8041e96aecb766e3e69d07612a39b05220412dc0c743c286f
SSDEEP

1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtrB:9bfVk29te2jqxCEtg30BF

Score

10^/10

sakula discovery persistence rat trojan

Malware Config

Extracted

Family

sakula

C2

www.savmpet.com

Targets

- Target
  
  2025-04-15_f4cb1225b413c5e29fbf3da5c77a8fca_amadey_elex_rhadamanthys_sakula_smoke-loader
- Size
  
  92KB
- MD5
  
  f4cb1225b413c5e29fbf3da5c77a8fca
- SHA1
  
  c14e515babc44e33148dc693ba78617351cff709
- SHA256
  
  5e3bbf5143dc96dafa2b9c4a6c91a1538441e93ece329dbe3b4c7311eec62d5b
- SHA512
  
  2c3afb8ff9c4c0bdf7619017100069da8b390ba1813f600bf8b22ee7cb3976e8a7fea370168263a8041e96aecb766e3e69d07612a39b05220412dc0c743c286f
- SSDEEP
  
  1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtrB:9bfVk29te2jqxCEtg30BF
Score

10^/10

sakula discovery persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Sakula family
  sakula
- Sakula payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sakuladiscoverypersistencerattrojan