General
-
Target
104694573c63a19533aced1cd8e5c36f5cf847c4ebb3d63e4200115a90970b23
-
Size
216KB
-
Sample
220212-g3vj9ahaa8
-
MD5
0135c0a649b962219ea07348e21994a3
-
SHA1
b557fa3a5aace5d9a624165a6b14ab3e1128946b
-
SHA256
104694573c63a19533aced1cd8e5c36f5cf847c4ebb3d63e4200115a90970b23
-
SHA512
4d4d258cc16c9f4967930d16a45291bfdfbe08b9a7794722cede67b0acc3aa5ed46ca3d92bad0c5d244087c0ef633d52df451d54b1ced5c1149e249eec1a51bd
Static task
static1
Behavioral task
behavioral1
Sample
104694573c63a19533aced1cd8e5c36f5cf847c4ebb3d63e4200115a90970b23.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
104694573c63a19533aced1cd8e5c36f5cf847c4ebb3d63e4200115a90970b23.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
104694573c63a19533aced1cd8e5c36f5cf847c4ebb3d63e4200115a90970b23
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-