General
-
Target
1527bff07bff053669e60629577807db84aa1c7e029f56f3a2ba50952fd54ce8
-
Size
100KB
-
Sample
220212-e7dfesgae3
-
MD5
44130c9141ab4240c90a6409ef3bc6f6
-
SHA1
9b226c997b72a653e5258b50ae1d42c521b59587
-
SHA256
1527bff07bff053669e60629577807db84aa1c7e029f56f3a2ba50952fd54ce8
-
SHA512
c93de25ff9a5ebb97f9e6e546f7a04a2be257a1b63ad9c3e8d13636c570231fec3e939ffbc46d2fdb8387923af0afc3297fe3449f7bb535aa3b97fbc07b9430f
Static task
static1
Behavioral task
behavioral1
Sample
1527bff07bff053669e60629577807db84aa1c7e029f56f3a2ba50952fd54ce8.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1527bff07bff053669e60629577807db84aa1c7e029f56f3a2ba50952fd54ce8.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1527bff07bff053669e60629577807db84aa1c7e029f56f3a2ba50952fd54ce8
-
Size
100KB
-
MD5
44130c9141ab4240c90a6409ef3bc6f6
-
SHA1
9b226c997b72a653e5258b50ae1d42c521b59587
-
SHA256
1527bff07bff053669e60629577807db84aa1c7e029f56f3a2ba50952fd54ce8
-
SHA512
c93de25ff9a5ebb97f9e6e546f7a04a2be257a1b63ad9c3e8d13636c570231fec3e939ffbc46d2fdb8387923af0afc3297fe3449f7bb535aa3b97fbc07b9430f
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-