General
-
Target
1729ec94765f31cb4a98d2355a447dc978d5971ef4e6eac91fdb5b65576cd70c
-
Size
79KB
-
Sample
220212-d6sy2shahn
-
MD5
10cba857794592e534406575ba522107
-
SHA1
a4f00241f9ccd0c2a717d0f5719ab9c0498797c0
-
SHA256
1729ec94765f31cb4a98d2355a447dc978d5971ef4e6eac91fdb5b65576cd70c
-
SHA512
ffe13fddae1ba2af87a83b5caa767a2af94c702e2ad6752abdc6a7ede37710c972e7b5c0cbe118b51975472850486821d4fd9044c2b3769624d80aee4d8ef904
Static task
static1
Behavioral task
behavioral1
Sample
1729ec94765f31cb4a98d2355a447dc978d5971ef4e6eac91fdb5b65576cd70c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1729ec94765f31cb4a98d2355a447dc978d5971ef4e6eac91fdb5b65576cd70c.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
1729ec94765f31cb4a98d2355a447dc978d5971ef4e6eac91fdb5b65576cd70c
-
Size
79KB
-
MD5
10cba857794592e534406575ba522107
-
SHA1
a4f00241f9ccd0c2a717d0f5719ab9c0498797c0
-
SHA256
1729ec94765f31cb4a98d2355a447dc978d5971ef4e6eac91fdb5b65576cd70c
-
SHA512
ffe13fddae1ba2af87a83b5caa767a2af94c702e2ad6752abdc6a7ede37710c972e7b5c0cbe118b51975472850486821d4fd9044c2b3769624d80aee4d8ef904
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-