General
-
Target
105ba796dcef4dd3cad5e5b141311af151b801de1487e3ead8235f2a2a7237d6
-
Size
101KB
-
Sample
220212-g2nqbaghh4
-
MD5
9d832d68210c4e9090f0211532793cb2
-
SHA1
510244948b11174e6e3d6934ddd61204f9c95839
-
SHA256
105ba796dcef4dd3cad5e5b141311af151b801de1487e3ead8235f2a2a7237d6
-
SHA512
d2a695aab250cff9ed3788b9996dd6ed06eb5869a554a35b7b40b86bdf87c02943be025d4496959239b2dfb44924d715d08bddab214acfed3a4156d84a1b9c16
Static task
static1
Behavioral task
behavioral1
Sample
105ba796dcef4dd3cad5e5b141311af151b801de1487e3ead8235f2a2a7237d6.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
105ba796dcef4dd3cad5e5b141311af151b801de1487e3ead8235f2a2a7237d6.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
105ba796dcef4dd3cad5e5b141311af151b801de1487e3ead8235f2a2a7237d6
-
Size
101KB
-
MD5
9d832d68210c4e9090f0211532793cb2
-
SHA1
510244948b11174e6e3d6934ddd61204f9c95839
-
SHA256
105ba796dcef4dd3cad5e5b141311af151b801de1487e3ead8235f2a2a7237d6
-
SHA512
d2a695aab250cff9ed3788b9996dd6ed06eb5869a554a35b7b40b86bdf87c02943be025d4496959239b2dfb44924d715d08bddab214acfed3a4156d84a1b9c16
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-