General
-
Target
1076c894ed7674690d83f236fd798c489970a6c8a85b08a80b6ef1401d7f5380
-
Size
101KB
-
Sample
220212-g1gwdaghf8
-
MD5
fc55349bad42ebd41b817fe3abcd4144
-
SHA1
07482c3c6e701784a71957dd9638d6c07faddf04
-
SHA256
1076c894ed7674690d83f236fd798c489970a6c8a85b08a80b6ef1401d7f5380
-
SHA512
ac3a128c1b086ad5c404ef0926551fbd7aa28ce7b07aaea6e86934db76a1955c1ec9a4b99a5c23f1b655e0b4f50de96a19edce2ee2111af996ff5ad4828d0e9c
Static task
static1
Behavioral task
behavioral1
Sample
1076c894ed7674690d83f236fd798c489970a6c8a85b08a80b6ef1401d7f5380.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1076c894ed7674690d83f236fd798c489970a6c8a85b08a80b6ef1401d7f5380.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
1076c894ed7674690d83f236fd798c489970a6c8a85b08a80b6ef1401d7f5380
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-