General
-
Target
17676ebf5dbf28a9849114d7c7cc7ab75fca2fb5c307d02eacdf29d9e7cbf990
-
Size
99KB
-
Sample
220212-d3xstsfeb8
-
MD5
314628e14de468db1bd6888efa0a4ec6
-
SHA1
fd19074ce2e73e81f9b0af16f79bb52e4e29f064
-
SHA256
17676ebf5dbf28a9849114d7c7cc7ab75fca2fb5c307d02eacdf29d9e7cbf990
-
SHA512
146adf52e644745a79f94500f2505d2ddf43e07938ec5ff69196e9d638889469c44cfc53f97041de777bd222882c87ee41b6d4e5f3cd6f3cb1f4b191dfb5e047
Static task
static1
Behavioral task
behavioral1
Sample
17676ebf5dbf28a9849114d7c7cc7ab75fca2fb5c307d02eacdf29d9e7cbf990.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
17676ebf5dbf28a9849114d7c7cc7ab75fca2fb5c307d02eacdf29d9e7cbf990.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
17676ebf5dbf28a9849114d7c7cc7ab75fca2fb5c307d02eacdf29d9e7cbf990
-
Size
99KB
-
MD5
314628e14de468db1bd6888efa0a4ec6
-
SHA1
fd19074ce2e73e81f9b0af16f79bb52e4e29f064
-
SHA256
17676ebf5dbf28a9849114d7c7cc7ab75fca2fb5c307d02eacdf29d9e7cbf990
-
SHA512
146adf52e644745a79f94500f2505d2ddf43e07938ec5ff69196e9d638889469c44cfc53f97041de777bd222882c87ee41b6d4e5f3cd6f3cb1f4b191dfb5e047
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-