General
Target: 18d77f871460b8b0c760d2965bc265350056f449f4d229a5e3b4867049bf2241
Size: 92KB
Sample: 220212-dhkb1afbh5
MD5: b6eb8f16cd609dafe310c5e033532ef8
SHA1: e1c893f72847b12757a4aa5d70c23245ce62cc29
SHA256: 18d77f871460b8b0c760d2965bc265350056f449f4d229a5e3b4867049bf2241
SHA512: 14e747ead4cda8b819e8bd039b3b2c9df3cb2e7093dfab501af85f9851d449a38cf2fd7fb44fb27f574e6e5423012d94d168175edfb889ce892f9dfae3ac0a59
Static task: static1
Behavioral task: behavioral1
  Sample: 18d77f871460b8b0c760d2965bc265350056f449f4d229a5e3b4867049bf2241.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 18d77f871460b8b0c760d2965bc265350056f449f4d229a5e3b4867049bf2241.exe
  Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 18d77f871460b8b0c760d2965bc265350056f449f4d229a5e3b4867049bf2241
Score: 10/10
- Sakula Payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application