General
Target
160b413f5dd9ef20daead1e7d421c97949435c19b89cb96072ef7e9ffe27e0f4
Size
176KB
Sample
220212-epcq6sfgf9
MD5
10ac434ecaa19f61405a806a25da4ed3
SHA1
982bae4979aadd5e9a4db20fefdc7dd3309a6e0e
SHA256
160b413f5dd9ef20daead1e7d421c97949435c19b89cb96072ef7e9ffe27e0f4
SHA512
1a476dc460c2dd28ee9fe4a8b3358963dacc056a549787b27f54cef08242a105d75c7d0f13c0c87e6bf4abce26e501f61b1bb804a6330d230e8b579c46c8fc88
Static task
static1
Behavioral task
behavioral1
Sample
160b413f5dd9ef20daead1e7d421c97949435c19b89cb96072ef7e9ffe27e0f4.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
160b413f5dd9ef20daead1e7d421c97949435c19b89cb96072ef7e9ffe27e0f4.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
160b413f5dd9ef20daead1e7d421c97949435c19b89cb96072ef7e9ffe27e0f4
Score
10/10
- Sakula Payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application