General
Target: 16c6bb29043496f1c28f18b559549379c1b1f33a226beb8a104a73ebeb4ca693
Size: 176KB
Sample: 220212-ecrpkaffc8
MD5: 251678786d957c5e85c3e279d943edd7
SHA1: e71f64acd32cf607b3b0243b16f9be0dff51004a
SHA256: 16c6bb29043496f1c28f18b559549379c1b1f33a226beb8a104a73ebeb4ca693
SHA512: f23fce0b58c9c40ded6698aa7c4f2782c513752ee9cd5924ba51d43d4092f7f8413c27217ae64a28419d0253c8bcad2bcbcd9c3c353ad73006080b36023eec56
Static task: static1
Behavioral task: behavioral1
Sample: 16c6bb29043496f1c28f18b559549379c1b1f33a226beb8a104a73ebeb4ca693.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 16c6bb29043496f1c28f18b559549379c1b1f33a226beb8a104a73ebeb4ca693.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 16c6bb29043496f1c28f18b559549379c1b1f33a226beb8a104a73ebeb4ca693
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application