General
Target: 18f4e140e1ec580fb96108e23d2f4d7359dd2942f84731850237a76d732ba0a3
Size: 89KB
Sample: 220212-dfxvbafbg2
MD5: 60b419cc2f0b4d5467429473cfae2f69
SHA1: 38acdfdbc1c09915f452693e0a1a1c756694d4a1
SHA256: 18f4e140e1ec580fb96108e23d2f4d7359dd2942f84731850237a76d732ba0a3
SHA512: cfe9baa00cb44072bb8400d2eac67720dbeb3c2a80ce9bb870844b77bf16c877ef22cb7d0ec1019e24ebe91bb68ae1db9c4a72bb03f25f33defbe4f9eee0e7a3
Static task: static1
Behavioral task: behavioral1
Sample: 18f4e140e1ec580fb96108e23d2f4d7359dd2942f84731850237a76d732ba0a3.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 18f4e140e1ec580fb96108e23d2f4d7359dd2942f84731850237a76d732ba0a3.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 18f4e140e1ec580fb96108e23d2f4d7359dd2942f84731850237a76d732ba0a3
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application