General
Target: 12b0325dde47158b91a70a1dad9eb320a2908e4859114368c819a03b4bf01b13
Size: 79KB
Sample: 220212-f5nztaaahm
MD5: 35f274dc93417b569753a6d57e62f8a5
SHA1: 3b3ef2cc604c69065ac3b679445f9b2c919f5034
SHA256: 12b0325dde47158b91a70a1dad9eb320a2908e4859114368c819a03b4bf01b13
SHA512: 014c546d2b33b9ace1e2909361abaf01e53fc011ecfa1ed2f0238deee66624aee1e326ebf652abc5b82767d803e056ffd2484b2c07d98bbf57162dc03ded1af6
Static task: static1
Behavioral task: behavioral1
Sample: 12b0325dde47158b91a70a1dad9eb320a2908e4859114368c819a03b4bf01b13.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 12b0325dde47158b91a70a1dad9eb320a2908e4859114368c819a03b4bf01b13.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 12b0325dde47158b91a70a1dad9eb320a2908e4859114368c819a03b4bf01b13
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application