General
Target: 17039a67759631bdf8d4940a4fa98e4ee55fa67be7a63aed9619df051e1fae8c
Size: 79KB
Sample: 220212-d8s2tsfeg6
MD5: b9f4c7474a02c0da37965cc7a7d94d16
SHA1: b6942ebd13bf72b0ef965d02667b0e5b7049a4ca
SHA256: 17039a67759631bdf8d4940a4fa98e4ee55fa67be7a63aed9619df051e1fae8c
SHA512: e54187b97e8c6dddf2e7a600e559bc7d9395baf6258145a2da34d7c107931971e40bf18cce7cfe658689c716e6c61d2213bddd2ec7c69b203a0de54da5ed1a6b
Static task: static1
Behavioral task: behavioral1
Sample: 17039a67759631bdf8d4940a4fa98e4ee55fa67be7a63aed9619df051e1fae8c.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 17039a67759631bdf8d4940a4fa98e4ee55fa67be7a63aed9619df051e1fae8c.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application