General
Target: 13588f0ccd175ce06b6647ed81194e5c97dae91c1e6fb00ad8907799a27ced6b
Size: 100KB
Sample: 220212-fwysnahhhp
MD5: 9654727e2cb8f568d1433ff225866154
SHA1: 6e7aaec81f57e6501664ee81071277204d03f9b9
SHA256: 13588f0ccd175ce06b6647ed81194e5c97dae91c1e6fb00ad8907799a27ced6b
SHA512: 4dcc644f9248ebb282e2fe959c6d624ee2661157bc829e8f29164c4bcb1d3b8faf0f1a2c7d8eec20f38f0d227497e42618d49df3cd41f0677d178869ee4ef57b
Static task: static1
Behavioral task: behavioral1
Sample: 13588f0ccd175ce06b6647ed81194e5c97dae91c1e6fb00ad8907799a27ced6b.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 13588f0ccd175ce06b6647ed81194e5c97dae91c1e6fb00ad8907799a27ced6b.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 13588f0ccd175ce06b6647ed81194e5c97dae91c1e6fb00ad8907799a27ced6b
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application