General
Target: 13f8f57747092ad5875e5a67c11af7ef10daf44a5c0b7bf0e4323af8d46d2dd1
Size: 101KB
Sample: 220212-flks2sgca6
MD5: 9a107782176d171f1a9dcafab3d72a33
SHA1: 4ded1641b5e295363a107030324fec1e258c5653
SHA256: 13f8f57747092ad5875e5a67c11af7ef10daf44a5c0b7bf0e4323af8d46d2dd1
SHA512: 0adad277fd8954f34a91585087c55841a4ba2d37d1f4ccf688d4f6dfe53e4342cb12e8527eb66e0435bd939fb9be96848575d4b5104748465c5de9f8d5e3c589
Static task: static1
Behavioral task: behavioral1
Sample: 13f8f57747092ad5875e5a67c11af7ef10daf44a5c0b7bf0e4323af8d46d2dd1.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 13f8f57747092ad5875e5a67c11af7ef10daf44a5c0b7bf0e4323af8d46d2dd1.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application