General
Target: 11d59232d743ac8dfe3b56c823df617d9fd8ab828b84ff8b438ec01a5da46893
Size: 101KB
Sample: 220212-gfaxbsgfb5
MD5: e569745fdd0c6c68f154571598cb0ffd
SHA1: a8883fc1f2fa8b82232f275e0979f7ba8208dcf8
SHA256: 11d59232d743ac8dfe3b56c823df617d9fd8ab828b84ff8b438ec01a5da46893
SHA512: 724e7a19c545aadf878fab537775b127da0e83d642b40ff708bbf2460991e86ddf289137ba9f11d6ef01a23175bff3cac11b96c2bb5ec0ce84b4ddee98ee850d
Static task: static1
Behavioral task: behavioral1
Sample: 11d59232d743ac8dfe3b56c823df617d9fd8ab828b84ff8b438ec01a5da46893.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 11d59232d743ac8dfe3b56c823df617d9fd8ab828b84ff8b438ec01a5da46893.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target
11d59232d743ac8dfe3b56c823df617d9fd8ab828b84ff8b438ec01a5da46893
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application