General
-
Target
17a66f69c167316487ac18d556d9e6672202133152167073b69148724f833631
-
Size
100KB
-
Sample
220212-dyzfvshaar
-
MD5
e9b8bd3ee3c1582828c9b01231b87f55
-
SHA1
dc1e8c0b5df76163eee6e07af447397a7daf7829
-
SHA256
17a66f69c167316487ac18d556d9e6672202133152167073b69148724f833631
-
SHA512
2ef4da80a1a4de8eb9068d152ca529904934dd793ae626e6f9bcdae4b29481d2a14a6c3a106ed5b811a1d6d8e103d5f0c894ca9e5ad06a78f7bddd0602ea6c18
Static task
static1
Behavioral task
behavioral1
Sample
17a66f69c167316487ac18d556d9e6672202133152167073b69148724f833631.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
17a66f69c167316487ac18d556d9e6672202133152167073b69148724f833631.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
17a66f69c167316487ac18d556d9e6672202133152167073b69148724f833631
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-