General
Target: 15d69bc850c0b4f1727b0b0dd1599ab3edae7538e397acc8275ed9890e07ffc8
Size: 192KB
Sample: 220212-er8lmahddl
MD5: c49e3b0ea7366580768985643d49a6a2
SHA1: c168facb19a7433884f2977491a2abd6a4451cc9
SHA256: 15d69bc850c0b4f1727b0b0dd1599ab3edae7538e397acc8275ed9890e07ffc8
SHA512: 050c9eb057a9d96c6ab9afe9eee8e9fa00f4c118cf6aa36e061f7ccae7512a98d76d30ffef369e5e3f2b7daa750a81d9a2de16823c8e5723cdda89cc5f1a2c0b
Static task: static1
Behavioral task: behavioral1
Sample: 15d69bc850c0b4f1727b0b0dd1599ab3edae7538e397acc8275ed9890e07ffc8.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 15d69bc850c0b4f1727b0b0dd1599ab3edae7538e397acc8275ed9890e07ffc8.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 15d69bc850c0b4f1727b0b0dd1599ab3edae7538e397acc8275ed9890e07ffc8
Size: 192KB
MD5: c49e3b0ea7366580768985643d49a6a2
SHA1: c168facb19a7433884f2977491a2abd6a4451cc9
SHA256: 15d69bc850c0b4f1727b0b0dd1599ab3edae7538e397acc8275ed9890e07ffc8
SHA512: 050c9eb057a9d96c6ab9afe9eee8e9fa00f4c118cf6aa36e061f7ccae7512a98d76d30ffef369e5e3f2b7daa750a81d9a2de16823c8e5723cdda89cc5f1a2c0b
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application