General
-
Target
1360ab10172bdb915089df760d0812054b7d9cfa4740dd96c56e4077ae166848
-
Size
80KB
-
Sample
220212-fwgjdagda3
-
MD5
2445ca4bd92a3b7e19a3b7662e13c6f4
-
SHA1
f6fe434aaf06316a96a179a194ed74216b31ea85
-
SHA256
1360ab10172bdb915089df760d0812054b7d9cfa4740dd96c56e4077ae166848
-
SHA512
c618783a44beca278e088a120b93758aea7038e532254360ec69dca0cae398e976ee8f56322344590d2b90ac2bb63e137cde8ff8ca79ec4ab47c223b64761b11
Static task
static1
Behavioral task
behavioral1
Sample
1360ab10172bdb915089df760d0812054b7d9cfa4740dd96c56e4077ae166848.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1360ab10172bdb915089df760d0812054b7d9cfa4740dd96c56e4077ae166848.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1360ab10172bdb915089df760d0812054b7d9cfa4740dd96c56e4077ae166848
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-