General
Target
1350492f2d0d41a02ddeb543dff407b1ae22d80c1cbc5a8a05a3004da8234791
Size
101KB
Sample
220212-fxca2shhhr
MD5
246f70908d9e8ce74ae73d018ba30d43
SHA1
f1016fd549f17d89af3c8bf088ceee34864e1a42
SHA256
1350492f2d0d41a02ddeb543dff407b1ae22d80c1cbc5a8a05a3004da8234791
SHA512
0331b0338dfcac541d6dbb1c3cfaefcda4076edf1351aefa8a9644f6ab09ed3aac49c3cac9adc260ae7d7a07f2461323358a4fdc3bb83473f7af13e51be6af28
Static task
static1
Behavioral task
behavioral1
Sample
1350492f2d0d41a02ddeb543dff407b1ae22d80c1cbc5a8a05a3004da8234791.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1350492f2d0d41a02ddeb543dff407b1ae22d80c1cbc5a8a05a3004da8234791.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
1350492f2d0d41a02ddeb543dff407b1ae22d80c1cbc5a8a05a3004da8234791
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-