General
Target
16a6bee673b0a851d90eb47c2435edafe6ea4d4dc8cb76f2a66004f29d4798ae
Size
92KB
Sample
220212-eez4qafff2
MD5
6d8e0f83dc0ff040f160055099ad3390
SHA1
c0ed0d10fab12fe838ac9b9ee4c95b5e1027b3cc
SHA256
16a6bee673b0a851d90eb47c2435edafe6ea4d4dc8cb76f2a66004f29d4798ae
SHA512
bff1e40d81358542a755e2592959d8974683716428f8b30c74b9c0e7057f3e3816f982094b2e900e5fa8ba83ed60638d66494958154abfbc36e521bc6503bb36
Static task
static1
Behavioral task
behavioral1
Sample
16a6bee673b0a851d90eb47c2435edafe6ea4d4dc8cb76f2a66004f29d4798ae.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
16a6bee673b0a851d90eb47c2435edafe6ea4d4dc8cb76f2a66004f29d4798ae.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
16a6bee673b0a851d90eb47c2435edafe6ea4d4dc8cb76f2a66004f29d4798ae
Score
10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application