General
-
Target
1451dd6d1f64cd8775150350e5ee870317abf054b297c2cb050a1672e0641b05
-
Size
101KB
-
Sample
220212-ffygysgbe6
-
MD5
5ff458f2a79fe48205000392f098c60e
-
SHA1
85d628a474fad084f467d605b7f98328a6836ed1
-
SHA256
1451dd6d1f64cd8775150350e5ee870317abf054b297c2cb050a1672e0641b05
-
SHA512
c77f7668ae49e02cbd66117d1710ff9b547335d2cc12767f6fde0d5825b2a4af9d91211e0ce037a9473402262e8a8815ee8af820cf48711c310e1f0dc7c34ca5
Static task
static1
Behavioral task
behavioral1
Sample
1451dd6d1f64cd8775150350e5ee870317abf054b297c2cb050a1672e0641b05.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1451dd6d1f64cd8775150350e5ee870317abf054b297c2cb050a1672e0641b05.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-