General
-
Target
1236d9d30afe25b0ae5f30b596107aaa05bda455255b8861e6c3a5b089fdbd0e
-
Size
101KB
-
Sample
220212-gawlvaaber
-
MD5
c369ca10aa97ecad36e8f938f60d5052
-
SHA1
5decc4b5539cc10e8de7f52a514350ef36621dde
-
SHA256
1236d9d30afe25b0ae5f30b596107aaa05bda455255b8861e6c3a5b089fdbd0e
-
SHA512
51e3a0970f01fa0c0274b20504ac080289793eb80a6a4524277abcadf8ad83816b77fa730e179f5af6b2f150f8ad3a3707b1a7ad006174b61ce8a49d3669f286
Static task
static1
Behavioral task
behavioral1
Sample
1236d9d30afe25b0ae5f30b596107aaa05bda455255b8861e6c3a5b089fdbd0e.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1236d9d30afe25b0ae5f30b596107aaa05bda455255b8861e6c3a5b089fdbd0e.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1236d9d30afe25b0ae5f30b596107aaa05bda455255b8861e6c3a5b089fdbd0e
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-