General
-
Target
1431934f48b8df9e7295063fe8de5f82d5e9af021206a2a840240bbef61d601f
-
Size
99KB
-
Sample
220212-fhcy2agbf9
-
MD5
f3650d37d308a8012c55ceb82dadb938
-
SHA1
ef7db9ef1ed83e6bc07780098fb1bb919550a1a2
-
SHA256
1431934f48b8df9e7295063fe8de5f82d5e9af021206a2a840240bbef61d601f
-
SHA512
ab7e4e2d70cccbb1e8c8819eedb82ed5b5b54fd9124cffc9e4628f3a465c6a912f8b47338fc48e72ede30e376188dc82962696a9c861cdc70b442f93f3e58f12
Static task
static1
Behavioral task
behavioral1
Sample
1431934f48b8df9e7295063fe8de5f82d5e9af021206a2a840240bbef61d601f.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1431934f48b8df9e7295063fe8de5f82d5e9af021206a2a840240bbef61d601f.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
1431934f48b8df9e7295063fe8de5f82d5e9af021206a2a840240bbef61d601f
-
Size
99KB
-
MD5
f3650d37d308a8012c55ceb82dadb938
-
SHA1
ef7db9ef1ed83e6bc07780098fb1bb919550a1a2
-
SHA256
1431934f48b8df9e7295063fe8de5f82d5e9af021206a2a840240bbef61d601f
-
SHA512
ab7e4e2d70cccbb1e8c8819eedb82ed5b5b54fd9124cffc9e4628f3a465c6a912f8b47338fc48e72ede30e376188dc82962696a9c861cdc70b442f93f3e58f12
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-