General
Target: 15e0b61576aafd9e34e91c83bb9618c5e796f050633b512c021bd3dc843e170f
Size: 92KB
Sample: 220212-erp5aafha6
MD5: 8e1b5a1a5da347307037019f74dc135a
SHA1: cc20c6013eb70eacc30ac5e26070c00719267622
SHA256: 15e0b61576aafd9e34e91c83bb9618c5e796f050633b512c021bd3dc843e170f
SHA512: fbd034c2472eac636301a8166647b241acfe124f14ba01f2e2b8d205b756ae321f35af711cf4909160d3bc5e43e18907aaff3f2e564efeb34aa27f0e06d9e4e8
Static task: static1
Behavioral task: behavioral1
Sample: 15e0b61576aafd9e34e91c83bb9618c5e796f050633b512c021bd3dc843e170f.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 15e0b61576aafd9e34e91c83bb9618c5e796f050633b512c021bd3dc843e170f.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target
15e0b61576aafd9e34e91c83bb9618c5e796f050633b512c021bd3dc843e170f
Score: 10/10
- Sakula Payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application