General
-
Target
2025-04-21_9c710db67955e7ef92992d76dc712659_amadey_elex_rhadamanthys_sakula_smoke-loader
-
Size
100KB
-
Sample
250421-3p8eva1rw5
-
MD5
9c710db67955e7ef92992d76dc712659
-
SHA1
de1b6d5608845a6117b2ac51c57790149bbf571d
-
SHA256
01a2f36eac98b0136d8175a9f40ff22fe222518e5faeb6be3d78cb4c2f6d2448
-
SHA512
ff9c1d687228c365bc1f920003e1e9481eaed83250ea35b4987fe6c11d93bbdf34885d8588587106f0deedd6ab197bc661abcdf9bcdcf1f529cd418f2cda04e5
-
SSDEEP
1536:Poaj1hJL1S9t0MIeboal8bCKxo7h0RPqaml0Nz30rtrBx+:w0hpgz6xGhJamyF30BVx+
Behavioral task
behavioral1
Sample
2025-04-21_9c710db67955e7ef92992d76dc712659_amadey_elex_rhadamanthys_sakula_smoke-loader.exe
Resource
win10v2004-20250410-en
Behavioral task
behavioral2
Sample
2025-04-21_9c710db67955e7ef92992d76dc712659_amadey_elex_rhadamanthys_sakula_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
-
-
Target
2025-04-21_9c710db67955e7ef92992d76dc712659_amadey_elex_rhadamanthys_sakula_smoke-loader
-
Score
10/10
-
Sakula family
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v16
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)