General
-
Target
1609a12c61711d4d66715925f584bde27946ece3d5c92bb4b420c1e2e08820a5
-
Size
80KB
-
Sample
220212-epgp5ahdap
-
MD5
4f58215601786f25c397182979c1066c
-
SHA1
dba61b541a0a646401daaad2b4f2a96eb820dc68
-
SHA256
1609a12c61711d4d66715925f584bde27946ece3d5c92bb4b420c1e2e08820a5
-
SHA512
73dd9d46f8a0a86669c164b0bed728af8ab51649abcdc54c758e266a8668bf25e6519e70120e55e31487e531318aa09c2b68b7d8337016414a300c481340ba9f
Static task
static1
Behavioral task
behavioral1
Sample
1609a12c61711d4d66715925f584bde27946ece3d5c92bb4b420c1e2e08820a5.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1609a12c61711d4d66715925f584bde27946ece3d5c92bb4b420c1e2e08820a5.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1609a12c61711d4d66715925f584bde27946ece3d5c92bb4b420c1e2e08820a5
Score 10/10
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-