General
Target: 14e5909b2824e58f07c4700b4e60ddcdbd9fd36de8c6536f2fd1347783cf4f21
Size: 216KB
Sample: 220212-e94qdsgah2
MD5: 2392011c55f80522ae12fa0e8d9c394b
SHA1: 2e3a60ecbd8c681cea73e8ed8aa839029f3e4125
SHA256: 14e5909b2824e58f07c4700b4e60ddcdbd9fd36de8c6536f2fd1347783cf4f21
SHA512: 578dbf7dc57ec2a2a757910acdc9d7ca02c6b39d98f40e1014f2b09cfceb2a68d79491524ca087ef0a8625be283d44c72288d85443738c7ee42da1fff46de422
Static task: static1
Behavioral task: behavioral1
Sample: 14e5909b2824e58f07c4700b4e60ddcdbd9fd36de8c6536f2fd1347783cf4f21.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 14e5909b2824e58f07c4700b4e60ddcdbd9fd36de8c6536f2fd1347783cf4f21.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 14e5909b2824e58f07c4700b4e60ddcdbd9fd36de8c6536f2fd1347783cf4f21
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application