General
Target: 1770c73c1b7f569bb138e63a8bf315286a7d11db8268c053eb65caa876b7b71b
Size: 188KB
Sample: 220212-d3b65afea9
MD5: bc0ca3da42ba0c92a389f9f9106b934c
SHA1: a25276af382d4e0790af71a4eb365f15e9239ea8
SHA256: 1770c73c1b7f569bb138e63a8bf315286a7d11db8268c053eb65caa876b7b71b
SHA512: db7496dfb76ad7928816b1d860faa40edd4b9f8e183195b411cc622ba36a3a20eb4aa71ba6c28e9bdeb59f6a1c7669ffae5a624276edae616cae942c3240651f
Static task: static1
Behavioral task: behavioral1
  Sample: 1770c73c1b7f569bb138e63a8bf315286a7d11db8268c053eb65caa876b7b71b.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 1770c73c1b7f569bb138e63a8bf315286a7d11db8268c053eb65caa876b7b71b.exe
  Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 1770c73c1b7f569bb138e63a8bf315286a7d11db8268c053eb65caa876b7b71b
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application