General
-
Target
1203cc42266375c0b56d192424de31621f2548432b4ef1b403a525b8bffc12c7
-
Size
168KB
-
Sample
220212-gdknrageh7
-
MD5
fa569a0a828dd4e2b101c18386abba46
-
SHA1
28af6d2a5a9417a7184f878209a839e59ace754c
-
SHA256
1203cc42266375c0b56d192424de31621f2548432b4ef1b403a525b8bffc12c7
-
SHA512
3c05e1ae4beefc56241bfac31d66037113fc28c3870451c377bd1052c0598a843858eb11f01a7ddd7a070e44d25e4adbf3f83a5d4e293ffa832f7a8462687ff0
Static task
static1
Behavioral task
behavioral1
Sample
1203cc42266375c0b56d192424de31621f2548432b4ef1b403a525b8bffc12c7.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1203cc42266375c0b56d192424de31621f2548432b4ef1b403a525b8bffc12c7.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
1203cc42266375c0b56d192424de31621f2548432b4ef1b403a525b8bffc12c7
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-