General
Target: 1629405d508628d19523052aaca56bf0edee722f091434367401061d92a901b2
Size: 100KB
Sample: 220212-el6j3shcfp
MD5: 90c02f1a619ce3d49b0dd8bb4b77d58f
SHA1: 49aa1e8b7ad0a693e0a7ddd6e95cdc4f8329bfd6
SHA256: 1629405d508628d19523052aaca56bf0edee722f091434367401061d92a901b2
SHA512: 1fbe9ea4a4c92391916c2b6f228b9083a440ff612eeb0515e07f074bc9b949dfe647d52bab2b5782f4d4500c48b8906276754bd10227b7475d7bf287e442b3f3
Static task: static1
Behavioral task: behavioral1
Sample: 1629405d508628d19523052aaca56bf0edee722f091434367401061d92a901b2.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 1629405d508628d19523052aaca56bf0edee722f091434367401061d92a901b2.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 1629405d508628d19523052aaca56bf0edee722f091434367401061d92a901b2
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application