General
-
Target
11aabd6563e4b5659a014b7eb615862a9ad7637d60d6e45d38447a511b8f1a7c
-
Size
99KB
-
Sample
220212-ghchyagfe2
-
MD5
10b59510839dbfbd39946f1907d338a3
-
SHA1
7d107f82b510abe8a16c8f114766795b97101135
-
SHA256
11aabd6563e4b5659a014b7eb615862a9ad7637d60d6e45d38447a511b8f1a7c
-
SHA512
85db32eb56a417b7f686b895dc83a38d32d364b711dd181624ae16d9f4ebd1bf413f535553e0123dd415f81a33ec1d765f9da146e6fb194a8d9e6e28a9edc983
Static task
static1
Behavioral task
behavioral1
Sample
11aabd6563e4b5659a014b7eb615862a9ad7637d60d6e45d38447a511b8f1a7c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
11aabd6563e4b5659a014b7eb615862a9ad7637d60d6e45d38447a511b8f1a7c.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
11aabd6563e4b5659a014b7eb615862a9ad7637d60d6e45d38447a511b8f1a7c
-
Size
99KB
-
MD5
10b59510839dbfbd39946f1907d338a3
-
SHA1
7d107f82b510abe8a16c8f114766795b97101135
-
SHA256
11aabd6563e4b5659a014b7eb615862a9ad7637d60d6e45d38447a511b8f1a7c
-
SHA512
85db32eb56a417b7f686b895dc83a38d32d364b711dd181624ae16d9f4ebd1bf413f535553e0123dd415f81a33ec1d765f9da146e6fb194a8d9e6e28a9edc983
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-