General
-
Target
12d2fa1ad35a8b21655dbed3c6ef74800ed4f06bbe40f2678b08c9490d723c1c
-
Size
191KB
-
Sample
220212-f3w8eaaafm
-
MD5
c19533c447548f71ccc29c4b5d51e9fe
-
SHA1
47260fd43fd9f0ac3d2c700d12fc22cda76145f1
-
SHA256
12d2fa1ad35a8b21655dbed3c6ef74800ed4f06bbe40f2678b08c9490d723c1c
-
SHA512
6c812291f8534220df125b64739ca10cf853aa853555e9b5e0f150144d472d8d494e9da8a77e8ef8071fcdc26c618ece81f0c616f0183f37c729680b853ad215
Static task
static1
Behavioral task
behavioral1
Sample
12d2fa1ad35a8b21655dbed3c6ef74800ed4f06bbe40f2678b08c9490d723c1c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
12d2fa1ad35a8b21655dbed3c6ef74800ed4f06bbe40f2678b08c9490d723c1c.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
12d2fa1ad35a8b21655dbed3c6ef74800ed4f06bbe40f2678b08c9490d723c1c
-
Size
191KB
-
MD5
c19533c447548f71ccc29c4b5d51e9fe
-
SHA1
47260fd43fd9f0ac3d2c700d12fc22cda76145f1
-
SHA256
12d2fa1ad35a8b21655dbed3c6ef74800ed4f06bbe40f2678b08c9490d723c1c
-
SHA512
6c812291f8534220df125b64739ca10cf853aa853555e9b5e0f150144d472d8d494e9da8a77e8ef8071fcdc26c618ece81f0c616f0183f37c729680b853ad215
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-