General
-
Target
183c521c99d5f3b39f650890cd3f892fc1062e718c8507070e2d84a7ac1c8ced
-
Size
89KB
-
Sample
220212-drwrdsfda2
-
MD5
2cf5f3ddfa2f2aa097fcaa18c0d1fbc9
-
SHA1
0f7b6d85608cab1fbb8558bbef5c9dfd345bee59
-
SHA256
183c521c99d5f3b39f650890cd3f892fc1062e718c8507070e2d84a7ac1c8ced
-
SHA512
49ace5124502909715d34391b762c7455690c4044f3cc22be05de22daa5b9d5b2f893f2a197bec05aebbac75ab242c30e72002c7f459ec7f93dd36a37444417d
Static task
static1
Behavioral task
behavioral1
Sample
183c521c99d5f3b39f650890cd3f892fc1062e718c8507070e2d84a7ac1c8ced.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
183c521c99d5f3b39f650890cd3f892fc1062e718c8507070e2d84a7ac1c8ced.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
183c521c99d5f3b39f650890cd3f892fc1062e718c8507070e2d84a7ac1c8ced
Score 10/10
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-