General
-
Target
1586f79f2d31e74c7a6579a3dbfc6db4ea3f68e92eb9a61be5dccf027b4bae5d
-
Size
99KB
-
Sample
220212-exgp4afhf4
-
MD5
4317a89791558850e040c349435395b6
-
SHA1
c3a55079f0aba06a3c42f54ad9b53d2e03ffaf67
-
SHA256
1586f79f2d31e74c7a6579a3dbfc6db4ea3f68e92eb9a61be5dccf027b4bae5d
-
SHA512
1369aadf635a88511769caa4b406d193cd6487b97597de66d29e623404c0f74055806541d328a15ab07285fc60bf440d8f0ad9c5b900d3a6baa4a24476c378a1
Static task
static1
Behavioral task
behavioral1
Sample
1586f79f2d31e74c7a6579a3dbfc6db4ea3f68e92eb9a61be5dccf027b4bae5d.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1586f79f2d31e74c7a6579a3dbfc6db4ea3f68e92eb9a61be5dccf027b4bae5d.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1586f79f2d31e74c7a6579a3dbfc6db4ea3f68e92eb9a61be5dccf027b4bae5d
-
Size
99KB
-
MD5
4317a89791558850e040c349435395b6
-
SHA1
c3a55079f0aba06a3c42f54ad9b53d2e03ffaf67
-
SHA256
1586f79f2d31e74c7a6579a3dbfc6db4ea3f68e92eb9a61be5dccf027b4bae5d
-
SHA512
1369aadf635a88511769caa4b406d193cd6487b97597de66d29e623404c0f74055806541d328a15ab07285fc60bf440d8f0ad9c5b900d3a6baa4a24476c378a1
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-