General
-
Target
16d6caa13a70cfa980222a7c95cd301f85e94c8ea3f6f20b8bb37bf3de654d1f
-
Size
79KB
-
Sample
220212-ebhp9sffb7
-
MD5
1ad3faa5164992eab954997a67001333
-
SHA1
20259c2708a920aff6e323c6dd177b9ed2f8e474
-
SHA256
16d6caa13a70cfa980222a7c95cd301f85e94c8ea3f6f20b8bb37bf3de654d1f
-
SHA512
54af2deda19ebfb663f79258d4111f484d739e082bcea2ed0ad3f81719296ea6ef970c4c9f8fd9e6d41b96570084650d915424019332782808c3cfb79a1c5e8c
Static task
static1
Behavioral task
behavioral1
Sample
16d6caa13a70cfa980222a7c95cd301f85e94c8ea3f6f20b8bb37bf3de654d1f.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
16d6caa13a70cfa980222a7c95cd301f85e94c8ea3f6f20b8bb37bf3de654d1f.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
16d6caa13a70cfa980222a7c95cd301f85e94c8ea3f6f20b8bb37bf3de654d1f
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely as a geofence check.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-