General
-
Target
15af1eef06f2db43bb6f8db940de14ee452aa001dd7f5bd805e16e3496723036
-
Size
79KB
-
Sample
220212-evcy5ahdfp
-
MD5
eec9e14eff77b6a87dc459515cd54077
-
SHA1
774c5903c8846fc87fe2422a40c426a6f8ab528e
-
SHA256
15af1eef06f2db43bb6f8db940de14ee452aa001dd7f5bd805e16e3496723036
-
SHA512
7ba24356aa0ecf917af8ad45754ff99cdc32a00ae47d768ca40c2f94aa6da1a7a829e5d5fd86b5964822e3a6dd902a0a2a098a9e48b422bb2fc5f70bb7b4756f
Static task
static1
Behavioral task
behavioral1
Sample
15af1eef06f2db43bb6f8db940de14ee452aa001dd7f5bd805e16e3496723036.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
15af1eef06f2db43bb6f8db940de14ee452aa001dd7f5bd805e16e3496723036.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
15af1eef06f2db43bb6f8db940de14ee452aa001dd7f5bd805e16e3496723036
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-