General
-
Target
14b6af04127197c5a76d35c850c719f6545f0528151fbbd376cb4febb6415e3c
-
Size
191KB
-
Sample
220212-fcf4hahfel
-
MD5
aa3bf8939778f528e0df739ba69f6f1a
-
SHA1
05213ab6899ca76eecf5e1d90e7551669a278823
-
SHA256
14b6af04127197c5a76d35c850c719f6545f0528151fbbd376cb4febb6415e3c
-
SHA512
f2bf92745b4c1b67b7fdbe852b2080ea97f247fd80d91982e4fadc8606de0e973069b4159f6515b6fab20af48a48eb725491dc941713b596759caf2da7b5915b
Static task
static1
Behavioral task
behavioral1
Sample
14b6af04127197c5a76d35c850c719f6545f0528151fbbd376cb4febb6415e3c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
14b6af04127197c5a76d35c850c719f6545f0528151fbbd376cb4febb6415e3c.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
14b6af04127197c5a76d35c850c719f6545f0528151fbbd376cb4febb6415e3c
-
Size
191KB
-
MD5
aa3bf8939778f528e0df739ba69f6f1a
-
SHA1
05213ab6899ca76eecf5e1d90e7551669a278823
-
SHA256
14b6af04127197c5a76d35c850c719f6545f0528151fbbd376cb4febb6415e3c
-
SHA512
f2bf92745b4c1b67b7fdbe852b2080ea97f247fd80d91982e4fadc8606de0e973069b4159f6515b6fab20af48a48eb725491dc941713b596759caf2da7b5915b
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-