General
Target: 15dbd18c2621d40d1db47d1c473e5e71cfd8c5a48c636ba733b2e06127036e07
Size: 191KB
Sample: 220212-er4bxafha8
MD5: 50e7f63ad6541b1a6960738410a4acd3
SHA1: 3b293f61c77d21c8a6241467dcbc600a8c5f4fb2
SHA256: 15dbd18c2621d40d1db47d1c473e5e71cfd8c5a48c636ba733b2e06127036e07
SHA512: b96b5fe5e508bf83756e601c051444802b76ef0f6ebad60e056337de4602f37e03e5eb8a30f9f24910fb16b96194b8cc3fa9f08812fbfbe61ed2be6bd00dc1ab
Static task: static1
Behavioral task: behavioral1
Sample: 15dbd18c2621d40d1db47d1c473e5e71cfd8c5a48c636ba733b2e06127036e07.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 15dbd18c2621d40d1db47d1c473e5e71cfd8c5a48c636ba733b2e06127036e07.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 15dbd18c2621d40d1db47d1c473e5e71cfd8c5a48c636ba733b2e06127036e07
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application