General

Target
11a80dc3d9c055d8bb3f3d14edc46ac0719135453b88f00d66c5791c8fa9b9a2

Size
99KB

Sample
220212-ghgsnaacdn

MD5
33cd9775cdf8b5add6dcf2f2ebbd461d

SHA1
ab2aab2fd4fa7aa7aefb15f667d9db4c253dc870

SHA256
11a80dc3d9c055d8bb3f3d14edc46ac0719135453b88f00d66c5791c8fa9b9a2

SHA512
cfeaa418781e752c20049d3a235060e4405ca80fd34b9d56d3fb02ce1add3270bc9120efac50f9ffb65cb977d1d28054c461a833ceb6de05f83247b1e72c03e4

Static task
static1
Behavioral task
behavioral1
Sample
11a80dc3d9c055d8bb3f3d14edc46ac0719135453b88f00d66c5791c8fa9b9a2.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
11a80dc3d9c055d8bb3f3d14edc46ac0719135453b88f00d66c5791c8fa9b9a2.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Score 10/10

Sakula Payload

Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Deletes itself

Loads dropped DLL

Adds Run key to start application