General
Target: 1061a46dd2f94d298dc6e58b5c4cd2245200b50831cd80358592e5167e87231e
Size: 192KB
Sample: 220212-g2ccaaghg9
MD5: fa2b4652b3381ee69ddb0425b3d2a96b
SHA1: 3c6aa1630e02bc731995718c86381b4510e6f0b0
SHA256: 1061a46dd2f94d298dc6e58b5c4cd2245200b50831cd80358592e5167e87231e
SHA512: 1617f17e64b960b0d7fe7e2f9c4eb980e762471d8e38655813d7b45e97bd4b93b2a1a3175d9a6eab59d75b6db4084839b40e457ac2d9429b3c2b6a7ceffc9bce
Static task: static1
Behavioral task: behavioral1
Sample: 1061a46dd2f94d298dc6e58b5c4cd2245200b50831cd80358592e5167e87231e.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 1061a46dd2f94d298dc6e58b5c4cd2245200b50831cd80358592e5167e87231e.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 1061a46dd2f94d298dc6e58b5c4cd2245200b50831cd80358592e5167e87231e
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application