General
-
Target
17994630908c7d6f550101f1cb87ac86f609854682e703b6d9a84bc1222461b5
-
Size
99KB
-
Sample
220212-dz2ydafdh3
-
MD5
f06d59b5952d1dcb4c58bc81c226f8f5
-
SHA1
e83242a3f03696e86bde70ca9ac6a027bce0fb58
-
SHA256
17994630908c7d6f550101f1cb87ac86f609854682e703b6d9a84bc1222461b5
-
SHA512
1a1917f04dfb1915752a87074e946a3105d14bc5a9095ef173aa6d6be5709bfe6271a4c42d66bd53713a2b7dd913512c40dc2a5e985afc9a86d0daf2d35cb76c
Static task
static1
Behavioral task
behavioral1
Sample
17994630908c7d6f550101f1cb87ac86f609854682e703b6d9a84bc1222461b5.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
17994630908c7d6f550101f1cb87ac86f609854682e703b6d9a84bc1222461b5.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
17994630908c7d6f550101f1cb87ac86f609854682e703b6d9a84bc1222461b5
-
Size
99KB
-
MD5
f06d59b5952d1dcb4c58bc81c226f8f5
-
SHA1
e83242a3f03696e86bde70ca9ac6a027bce0fb58
-
SHA256
17994630908c7d6f550101f1cb87ac86f609854682e703b6d9a84bc1222461b5
-
SHA512
1a1917f04dfb1915752a87074e946a3105d14bc5a9095ef173aa6d6be5709bfe6271a4c42d66bd53713a2b7dd913512c40dc2a5e985afc9a86d0daf2d35cb76c
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-