General
-
Target
15e782b83f267c6067e79b711b9fe435fb60382b21de2a0d71cf0c597fdea9b8
-
Size
100KB
-
Sample
220212-erfkvafha3
-
MD5
58ae20cc5a6cf9be936d460e564fa62b
-
SHA1
0d3625f7f1baf9145c1cafe4f6a5835241027b07
-
SHA256
15e782b83f267c6067e79b711b9fe435fb60382b21de2a0d71cf0c597fdea9b8
-
SHA512
90b2b795f8d7c0b74ff671340325f51e818c0ec6abcc705200d511c61b5249c0a4fd013a47e680cdee855fb0a82cd02a0306dfde7fa8da71d4b799d67076a324
Static task
static1
Behavioral task
behavioral1
Sample
15e782b83f267c6067e79b711b9fe435fb60382b21de2a0d71cf0c597fdea9b8.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
15e782b83f267c6067e79b711b9fe435fb60382b21de2a0d71cf0c597fdea9b8.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Score 10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-