General
Target: 17389c3aefc730bce605e9c77c1b583fb27a62089c716ed6741dff592bb48e12
Size: 92KB
Sample: 220212-d5v21sfed7
MD5: c5b4b12f91b4ff799425f98c5d852910
SHA1: 41b6ee0e99e91e803ced202584ba7fdb721adf3e
SHA256: 17389c3aefc730bce605e9c77c1b583fb27a62089c716ed6741dff592bb48e12
SHA512: 5b2f79aec990c34ce182e68ee012dbbb9f5aa6a3e5e645a39c238cfedcf911d0af5dada1300ad1b0322ead274efcca2d490286b55643b27fa89c8f6ee15da1e7
Static task: static1
Behavioral task: behavioral1
Sample: 17389c3aefc730bce605e9c77c1b583fb27a62089c716ed6741dff592bb48e12.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 17389c3aefc730bce605e9c77c1b583fb27a62089c716ed6741dff592bb48e12.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 17389c3aefc730bce605e9c77c1b583fb27a62089c716ed6741dff592bb48e12
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application