General
Target
157913c126d41cb11262607a70c4e8cfe1ce856b740f3431b35f15c9a863d682
Size
216KB
Sample
220212-eyp3vsfhg6
MD5
7b1bf51992934d9d5ff3d6c321bcfdd9
SHA1
809cb9651fc49fd3e4d85cf95cbf50d8a31f3b57
SHA256
157913c126d41cb11262607a70c4e8cfe1ce856b740f3431b35f15c9a863d682
SHA512
61d1fc118eed5dcc037ad0971a6c42e35ce121a10c0c64f3ddeb0f3d9126fd9049d2773432e82fe2cda7870d19c8b36a51302b38ac6bda1dc5dff5633b07cfc5
Static task
static1
Behavioral task
behavioral1
Sample
157913c126d41cb11262607a70c4e8cfe1ce856b740f3431b35f15c9a863d682.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
157913c126d41cb11262607a70c4e8cfe1ce856b740f3431b35f15c9a863d682.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
157913c126d41cb11262607a70c4e8cfe1ce856b740f3431b35f15c9a863d682
Score
10/10

Sakula Payload

Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Deletes itself

Loads dropped DLL

Adds Run key to start application