General
-
Target
15779b21660c32d7bab65ae82aa2279ba9edeb3c8bd84c091cbcd5aec8ffcaa5
-
Size
192KB
-
Sample
220212-eyt2tahebm
-
MD5
afb2579aff74db141ded5ead3fa20e66
-
SHA1
3ca2e7e640630426d5c413fb8a96fb0687b0c6b5
-
SHA256
15779b21660c32d7bab65ae82aa2279ba9edeb3c8bd84c091cbcd5aec8ffcaa5
-
SHA512
bb83efb60f6ecf8d5c2544c7961ae546226b2ff5742671524df908d65fee75d58fbfe8aed23bf68efb8d30c4a49560c7fb694ccb26bb24ef85eacafb40776d99
Static task
static1
Behavioral task
behavioral1
Sample
15779b21660c32d7bab65ae82aa2279ba9edeb3c8bd84c091cbcd5aec8ffcaa5.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
15779b21660c32d7bab65ae82aa2279ba9edeb3c8bd84c091cbcd5aec8ffcaa5.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
15779b21660c32d7bab65ae82aa2279ba9edeb3c8bd84c091cbcd5aec8ffcaa5
Score
10/10
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-