General
-
Target
193552a0f08b0f8c7b421467fd2a0818967cc3fad1dc000037cd836603f2f175
-
Size
79KB
-
Sample
220212-ddal1afbd5
-
MD5
038e392d80ae62fc914f5967f5028789
-
SHA1
611c060111dfeb636753ebe353cf14d7b1879cc5
-
SHA256
193552a0f08b0f8c7b421467fd2a0818967cc3fad1dc000037cd836603f2f175
-
SHA512
08a893c2e8f8f3e10e5772f3916dea50c71547fb22ac8040ef7cc324f7ee074b8be54c412978eecbfc2dfd401972f6dff67f1b7cdc23a6b998923f56a34713c3
Static task
static1
Behavioral task
behavioral1
Sample
193552a0f08b0f8c7b421467fd2a0818967cc3fad1dc000037cd836603f2f175.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
193552a0f08b0f8c7b421467fd2a0818967cc3fad1dc000037cd836603f2f175.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
193552a0f08b0f8c7b421467fd2a0818967cc3fad1dc000037cd836603f2f175
Score
10/10
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application