General
-
Target
1696ea1d31ce90bfed3b8781ae25921b7f464cee7a980306303cf3f052f2bdf3
-
Size
216KB
-
Sample
220212-efw4fsffg3
-
MD5
565b15efd9cae3535ae9248ab8179be9
-
SHA1
b9b21ca10b7507d77dd10cc2fbd4acab4c15dc19
-
SHA256
1696ea1d31ce90bfed3b8781ae25921b7f464cee7a980306303cf3f052f2bdf3
-
SHA512
29cec2523b2fbd40cc74f8a698f0fffd78bd4d72b209e8385432d9ec0eabfafc2622e899548b70497f985e741084587b79b218cc093a927f89f0d13829ab83ff
Static task
static1
Behavioral task
behavioral1
Sample
1696ea1d31ce90bfed3b8781ae25921b7f464cee7a980306303cf3f052f2bdf3.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1696ea1d31ce90bfed3b8781ae25921b7f464cee7a980306303cf3f052f2bdf3.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1696ea1d31ce90bfed3b8781ae25921b7f464cee7a980306303cf3f052f2bdf3
-
Size
216KB
-
MD5
565b15efd9cae3535ae9248ab8179be9
-
SHA1
b9b21ca10b7507d77dd10cc2fbd4acab4c15dc19
-
SHA256
1696ea1d31ce90bfed3b8781ae25921b7f464cee7a980306303cf3f052f2bdf3
-
SHA512
29cec2523b2fbd40cc74f8a698f0fffd78bd4d72b209e8385432d9ec0eabfafc2622e899548b70497f985e741084587b79b218cc093a927f89f0d13829ab83ff
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-