General
-
Target
1699c3b7bf67a80c16011c60c2e14b2c804fc00c6e2a42ca86027b9dabf8e3dc
-
Size
101KB
-
Sample
220212-efhaasfff7
-
MD5
808236fc896e28084d1fdfb6e2499c9d
-
SHA1
79647997959cc41f998dfbda84181a03c7846d9c
-
SHA256
1699c3b7bf67a80c16011c60c2e14b2c804fc00c6e2a42ca86027b9dabf8e3dc
-
SHA512
058cc6db656b852a15b0c2839ac45e10fe1ec9686d7d1bbd61fdec769965e607f79a6b470db64a0c5b225279257677093943f885cb24c3d1e2ddfd23fb8d2160
Static task
static1
Behavioral task
behavioral1
Sample
1699c3b7bf67a80c16011c60c2e14b2c804fc00c6e2a42ca86027b9dabf8e3dc.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1699c3b7bf67a80c16011c60c2e14b2c804fc00c6e2a42ca86027b9dabf8e3dc.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1699c3b7bf67a80c16011c60c2e14b2c804fc00c6e2a42ca86027b9dabf8e3dc
-
Size
101KB
-
MD5
808236fc896e28084d1fdfb6e2499c9d
-
SHA1
79647997959cc41f998dfbda84181a03c7846d9c
-
SHA256
1699c3b7bf67a80c16011c60c2e14b2c804fc00c6e2a42ca86027b9dabf8e3dc
-
SHA512
058cc6db656b852a15b0c2839ac45e10fe1ec9686d7d1bbd61fdec769965e607f79a6b470db64a0c5b225279257677093943f885cb24c3d1e2ddfd23fb8d2160
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-