General
Target: 17c58eb6c72f663ac242a0cfa3694d78ff2ba182e7cc09072903fd21c7e0b429
Size: 216KB
Sample: 220212-dxeeasfde5
MD5: e65c6098d22a042f360b4fb9bd75ca8b
SHA1: cbb7ae00885c30f44d89d1c8752d8daedb0187a7
SHA256: 17c58eb6c72f663ac242a0cfa3694d78ff2ba182e7cc09072903fd21c7e0b429
SHA512: b236ed68786fd339e1e03bdc626cd6dfc9403e5090207e9249ec1e6798dd1622aa9c5c7a6aa4fd82a1ac52904e28bb8fe12b941e9aa58bec4087c9b8c1bf5daa
Static task: static1
Behavioral task: behavioral1
Sample: 17c58eb6c72f663ac242a0cfa3694d78ff2ba182e7cc09072903fd21c7e0b429.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 17c58eb6c72f663ac242a0cfa3694d78ff2ba182e7cc09072903fd21c7e0b429.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 17c58eb6c72f663ac242a0cfa3694d78ff2ba182e7cc09072903fd21c7e0b429
Score: 10/10
- Sakula Payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application