General
Target
15003f8f0fe8f9199b33059a7a414dad3b18a0424ca283e161d652f9e091fbd8
Size
200KB
Sample
220212-e9ca5sgaf8
MD5
befaf5d42281f92b4159e60afed3ef28
SHA1
f782a943a002f2a8b1708035f2137898753efaf5
SHA256
15003f8f0fe8f9199b33059a7a414dad3b18a0424ca283e161d652f9e091fbd8
SHA512
18ae24ed070e22c4895642c87a756fb8896294fa027cbe483adc924c505b92c0bc84bda40197a68b75d7c9802a7f539f45b562416d6701964f7bf97eb54f1c5a
Static task
static1
Behavioral task
behavioral1
Sample
15003f8f0fe8f9199b33059a7a414dad3b18a0424ca283e161d652f9e091fbd8.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
15003f8f0fe8f9199b33059a7a414dad3b18a0424ca283e161d652f9e091fbd8.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
15003f8f0fe8f9199b33059a7a414dad3b18a0424ca283e161d652f9e091fbd8
Score
10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application