General
-
Target
17a09281cd4b347ab6d5fd64bcc7c253059f9fb1138d275fdfa16667ce9e9d35
-
Size
120KB
-
Sample
220212-dzhjqsfdg5
-
MD5
a5ca22aeb159c608b06d7e6be94fcb14
-
SHA1
386fe022503c9dd4713cf67bf6a64d308cca5106
-
SHA256
17a09281cd4b347ab6d5fd64bcc7c253059f9fb1138d275fdfa16667ce9e9d35
-
SHA512
3b2c6202cc4d474f2c6f00c993de6c2b1992f23efe539cbb7e3d5fe019efff0a8122f1716fb8369ac78bc2868f3155b1a3c45c5b1eb4e8007662b7fb3e42fdcf
Static task
static1
Behavioral task
behavioral1
Sample
17a09281cd4b347ab6d5fd64bcc7c253059f9fb1138d275fdfa16667ce9e9d35.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
17a09281cd4b347ab6d5fd64bcc7c253059f9fb1138d275fdfa16667ce9e9d35.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
17a09281cd4b347ab6d5fd64bcc7c253059f9fb1138d275fdfa16667ce9e9d35
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-