General
-
Target
2025-04-21_c1a9eeabced3e4e1b0d3b6f382f2c35a_amadey_elex_rhadamanthys_sakula_smoke-loader
-
Size
114KB
-
Sample
250421-wq7rda1vcw
-
MD5
c1a9eeabced3e4e1b0d3b6f382f2c35a
-
SHA1
134b5d02edb5c402475bf6aba24e15b1d7d0eb1a
-
SHA256
214e389158f5ad1978ca071870d11c528bc09307215d8a240a327f6f575d4f57
-
SHA512
877e92a07042c57448f3542ccd8133742f54cf588923b612c52297067f03cf356de277ba02394f93a895a7ef397e47fe76a4a30d5e54cfd014e06c5fbcddb3a0
-
SSDEEP
1536:Loaj1hJL1S9t0MIeboal8bCKxo7h0RPLJNz30rtriCr0nJnHPoq1nouy8TRgX:c0hpgz6xGhYJF30Blr0nhoutTRgX
Behavioral task
behavioral1
Sample
2025-04-21_c1a9eeabced3e4e1b0d3b6f382f2c35a_amadey_elex_rhadamanthys_sakula_smoke-loader.exe
Resource
win10v2004-20250410-en
Malware Config
Targets
Sakula family
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v16
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder