General
Target
16dfc02c02129c013dbc3371ad91d786b40b9ecf3f958aea44901db98e341a7c
Size
89KB
Sample
220212-eav9zaffb2
MD5
d9c432d8884833ecb498caaf10aaa5f0
SHA1
e8a06666439ae04cc219d98a879b473d226ff535
SHA256
16dfc02c02129c013dbc3371ad91d786b40b9ecf3f958aea44901db98e341a7c
SHA512
4a90221114e9c8bd64b52c3ca1b6a709747083aa8f868d2b0eaa27221bbd2cb027eb76d4f9abf658c93dabf5564cf7c28b2305f4f7a466319c1b14bcf6b3496f
Static task
static1
Behavioral task
behavioral1
Sample
16dfc02c02129c013dbc3371ad91d786b40b9ecf3f958aea44901db98e341a7c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
16dfc02c02129c013dbc3371ad91d786b40b9ecf3f958aea44901db98e341a7c.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
- Sakula Payload
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application