General
Target
1078390279b2b4a18cd3ff9149b83d636c367c00652d4e43b7589f8fcfbcd4f8
Size
79KB
Sample
220212-g1ar3aghf6
MD5
18fa2ef471677bc745be1904a2633adb
SHA1
630ae8a252efcac05901bf1f9d5f527f6e20fdb7
SHA256
1078390279b2b4a18cd3ff9149b83d636c367c00652d4e43b7589f8fcfbcd4f8
SHA512
26c846df483a2efa38864e068dd5ef1805f744d9fc2054e3fe86e3dc4261b0d32040d078c2d856c4fbcbfa7593893fbcfc83c17480ae293e58ca1938720de10a
Static task
static1
Behavioral task
behavioral1
Sample
1078390279b2b4a18cd3ff9149b83d636c367c00652d4e43b7589f8fcfbcd4f8.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1078390279b2b4a18cd3ff9149b83d636c367c00652d4e43b7589f8fcfbcd4f8.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
1078390279b2b4a18cd3ff9149b83d636c367c00652d4e43b7589f8fcfbcd4f8
Score
10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application