General
-
Target
11a73ecd93636524aa18faa28188b5217c81feddcbf72f00e327387fe5d59b5c
-
Size
216KB
-
Sample
220212-ghl3dagfe5
-
MD5
e33162ac3d02abc80e6e5a05a0a32a2d
-
SHA1
90b61e55d726d0f02ee7d2f2547f823b51e2df11
-
SHA256
11a73ecd93636524aa18faa28188b5217c81feddcbf72f00e327387fe5d59b5c
-
SHA512
df0bd7b8bdbe9e93d100c6a845f4307d5eab80ef616b3d2e5bb1d7fbe5a02d50013cfa2b3d4285f58951d09890fa043c115aa372d04145ad755f85f92e418315
Static task
static1
Behavioral task
behavioral1
Sample
11a73ecd93636524aa18faa28188b5217c81feddcbf72f00e327387fe5d59b5c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
11a73ecd93636524aa18faa28188b5217c81feddcbf72f00e327387fe5d59b5c.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
11a73ecd93636524aa18faa28188b5217c81feddcbf72f00e327387fe5d59b5c
-
Size
216KB
-
MD5
e33162ac3d02abc80e6e5a05a0a32a2d
-
SHA1
90b61e55d726d0f02ee7d2f2547f823b51e2df11
-
SHA256
11a73ecd93636524aa18faa28188b5217c81feddcbf72f00e327387fe5d59b5c
-
SHA512
df0bd7b8bdbe9e93d100c6a845f4307d5eab80ef616b3d2e5bb1d7fbe5a02d50013cfa2b3d4285f58951d09890fa043c115aa372d04145ad755f85f92e418315
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-