General
Target: 17caf649a5d55892ea756e991881bddc22620b467a930ce4412f7ee5fbb01c2e
Size: 191KB
Sample: 220212-dwxt9aghgq
MD5: 9fe69e61962d1b68a94cafa9867667e3
SHA1: d16ed25a09112edbe73b708889aa60f8fa315ee7
SHA256: 17caf649a5d55892ea756e991881bddc22620b467a930ce4412f7ee5fbb01c2e
SHA512: 00b4d223836906a4a960940ef6e16a922115cd5b7033c177c050c34aa6cd9c703d9ca6c7dfd578e596dfe1fde43819f6a3c7f27551c0b0d020cb7d2fe8f6e308
Static task: static1
Behavioral task: behavioral1
  Sample: 17caf649a5d55892ea756e991881bddc22620b467a930ce4412f7ee5fbb01c2e.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 17caf649a5d55892ea756e991881bddc22620b467a930ce4412f7ee5fbb01c2e.exe
  Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 17caf649a5d55892ea756e991881bddc22620b467a930ce4412f7ee5fbb01c2e
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application