General
Target: 136c7708bc496fb5716266eb1ee00700b073c985d09af92f2f3d726a0a4d7985
Size: 99KB
Sample: 220212-fvtsbagch5
MD5: d73618d3354c4e46478c25837686666b
SHA1: d6ea136916898e031309aebf7c4459baeec4dc9b
SHA256: 136c7708bc496fb5716266eb1ee00700b073c985d09af92f2f3d726a0a4d7985
SHA512: 7ee8d1a908d735426a5f767087d8e754381d0d031dd6d0075b19c36ea9dd7220344b94b5a5ee3abe3565b2a0e26c7178d1a03ba81ae82411dce3f3f26ff87f63
Static task: static1
Behavioral task: behavioral1
Sample: 136c7708bc496fb5716266eb1ee00700b073c985d09af92f2f3d726a0a4d7985.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 136c7708bc496fb5716266eb1ee00700b073c985d09af92f2f3d726a0a4d7985.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application