General
-
Target
145a9adc39268e8edf7723e9efaeef40975b4b583aa31f833700a094e6b7b715
-
Size
99KB
-
Sample
220212-ffb9qahfhm
-
MD5
bce00095a8858570af9799dda2429fef
-
SHA1
c4cb9a6fb8e18fddd33140f667293b46e349df93
-
SHA256
145a9adc39268e8edf7723e9efaeef40975b4b583aa31f833700a094e6b7b715
-
SHA512
c2703e7574df1344b79c9d766919fb93660b2bb466f7ff9dbf77c39644e8d44752b5a67babd70d9828ea165a6b4f89c9af9a91c7ed51aedc1f9279673d60ed84
Static task
static1
Behavioral task
behavioral1
Sample
145a9adc39268e8edf7723e9efaeef40975b4b583aa31f833700a094e6b7b715.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
145a9adc39268e8edf7723e9efaeef40975b4b583aa31f833700a094e6b7b715.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
145a9adc39268e8edf7723e9efaeef40975b4b583aa31f833700a094e6b7b715
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-