General

  • Target

    2025-04-21_f5f52919e0ea2ac4e781efb53c1676e5_amadey_elex_rhadamanthys_sakula_smoke-loader

  • Size

    114KB

  • Sample

    250421-l54cdssrt2

  • MD5

    f5f52919e0ea2ac4e781efb53c1676e5

  • SHA1

    79f60d869fa0fd0be89cbf6489b420627d28de69

  • SHA256

    0f9050518310334311f32c69a59354ae4749ea513a9a39f636a24de928a00fa7

  • SHA512

    35ccb6206d177068f56cecc4745a2425a51dad4200ae53de368d9360ffb15671af890648add45e39979d44d5b08e54363c4b1265a0b07829bb28c80b85f6f632

  • SSDEEP

    1536:Loaj1hJL1S9t0MIeboal8bCKxo7h0RPLJNz30rtriCr0nJnHPoq1nouy8TRgS:c0hpgz6xGhYJF30Blr0nhoutTRgS

Targets

    • Target

      2025-04-21_f5f52919e0ea2ac4e781efb53c1676e5_amadey_elex_rhadamanthys_sakula_smoke-loader

    • Sakula

      Sakula is a remote access trojan with various capabilities.

    • Sakula family

    • Sakula payload

    • Executes dropped EXE

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
