General
-
Target
16f2cb030ae0c1e60de3349b678a4a7c0c80a14814dc81717e060e117da76d18
-
Size
80KB
-
Sample
220212-d9e7cshbcj
-
MD5
97286f1a9e13954775f6b27ef0751105
-
SHA1
4c5e00a132d33b3988945b973f34db5fb85ba6c0
-
SHA256
16f2cb030ae0c1e60de3349b678a4a7c0c80a14814dc81717e060e117da76d18
-
SHA512
34ad7d8e6f01fc86ca8b902331c2eecb86646f58e5eddac7f250655faf94a6a5477e6c0232efcc779b27ce3147360243076cd04cf4fc8e931218019dd527bb19
Static task
static1
Behavioral task
behavioral1
Sample
16f2cb030ae0c1e60de3349b678a4a7c0c80a14814dc81717e060e117da76d18.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
16f2cb030ae0c1e60de3349b678a4a7c0c80a14814dc81717e060e117da76d18.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
16f2cb030ae0c1e60de3349b678a4a7c0c80a14814dc81717e060e117da76d18
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-