General
Target: 12fe88b0a1f257aa0f5d14b65601a3d6bdb5bd9aa5159d1941957e75b836f949
Size: 212KB
Sample: 220212-f1yy8agdf2
MD5: ccdd1b7c7013f7e35f8115bddff6f94d
SHA1: 475ee37fb0161fa1248c7e17909e176208a6cb03
SHA256: 12fe88b0a1f257aa0f5d14b65601a3d6bdb5bd9aa5159d1941957e75b836f949
SHA512: fbc301e61a565e2b09af08a97c4fd28c529e6cda56427fa734a6cf59ae7029e8f0a37bbdb9385e504ab09a18b4839353c20191997f05ba3a6f2ae4a4afba8382
Behavioral task: behavioral1
Sample: 12fe88b0a1f257aa0f5d14b65601a3d6bdb5bd9aa5159d1941957e75b836f949.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 12fe88b0a1f257aa0f5d14b65601a3d6bdb5bd9aa5159d1941957e75b836f949.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 12fe88b0a1f257aa0f5d14b65601a3d6bdb5bd9aa5159d1941957e75b836f949
Score: 10/10
- Sakula Payload
- Executes dropped EXE
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application