General
-
Target
1648cd88acc1544be611e973b5a3e4fb0072c10987b47b0f6b22be5ef39250a2
-
Size
92KB
-
Sample
220212-elbppsfgd4
-
MD5
235322af4aea51c0ace084a021f93c32
-
SHA1
c13eaec485b140f661a9bfb47fb51e515f87c9af
-
SHA256
1648cd88acc1544be611e973b5a3e4fb0072c10987b47b0f6b22be5ef39250a2
-
SHA512
ca97d762f4b458a879b69243e4fe129af2960b678782f23e11aae7f6852e044770856a878be3b956a3f9b58b4776d090e7b479ef05e8158897a9a59b813072fd
Static task
static1
Behavioral task
behavioral1
Sample
1648cd88acc1544be611e973b5a3e4fb0072c10987b47b0f6b22be5ef39250a2.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1648cd88acc1544be611e973b5a3e4fb0072c10987b47b0f6b22be5ef39250a2.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1648cd88acc1544be611e973b5a3e4fb0072c10987b47b0f6b22be5ef39250a2
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-