General
-
Target
124ca0105de07ce1cbb491250ce9fee9af0d7bfc6dee540b8e79b580f5bd96b2
-
Size
101KB
-
Sample
220212-f9y1ksabdp
-
MD5
166be20e444c655c66b7f20eabee5878
-
SHA1
81b95b9ed41f4c07d96d037d1b639df1374aa346
-
SHA256
124ca0105de07ce1cbb491250ce9fee9af0d7bfc6dee540b8e79b580f5bd96b2
-
SHA512
af189e444fab1034eb6df62f7e85fa7c1d060bee0ac1b419a4836f377c4d99d803648329ff8de9862b6b76ac90cf6e75783abf7f76d4feafa09e81fd064355fc
Static task
static1
Behavioral task
behavioral1
Sample
124ca0105de07ce1cbb491250ce9fee9af0d7bfc6dee540b8e79b580f5bd96b2.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
124ca0105de07ce1cbb491250ce9fee9af0d7bfc6dee540b8e79b580f5bd96b2.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
124ca0105de07ce1cbb491250ce9fee9af0d7bfc6dee540b8e79b580f5bd96b2
-
Size
101KB
-
MD5
166be20e444c655c66b7f20eabee5878
-
SHA1
81b95b9ed41f4c07d96d037d1b639df1374aa346
-
SHA256
124ca0105de07ce1cbb491250ce9fee9af0d7bfc6dee540b8e79b580f5bd96b2
-
SHA512
af189e444fab1034eb6df62f7e85fa7c1d060bee0ac1b419a4836f377c4d99d803648329ff8de9862b6b76ac90cf6e75783abf7f76d4feafa09e81fd064355fc
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-