General
-
Target
170e7f9b8b91012265ce4c2fcabc66178cc705df28ebd506c4c5db1f2b6f1b1d
-
Size
80KB
-
Sample
220212-d7m47afef7
-
MD5
7b62e3d9d30de24b1ea9a0e23217bf6d
-
SHA1
43e63ac050a2ea99f36e2f50d9adc84eefdcd2f5
-
SHA256
170e7f9b8b91012265ce4c2fcabc66178cc705df28ebd506c4c5db1f2b6f1b1d
-
SHA512
04f40af1fc875241554e651ee9f312ba80d0b1f97a73850180860770243b9fe09f9431a22ad1f9a74fbf9f938ac5867c76ee12723abc11181734cad5364e9840
Static task
static1
Behavioral task
behavioral1
Sample
170e7f9b8b91012265ce4c2fcabc66178cc705df28ebd506c4c5db1f2b6f1b1d.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
170e7f9b8b91012265ce4c2fcabc66178cc705df28ebd506c4c5db1f2b6f1b1d.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Score
10/10
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-