General
-
Target
11723c197be14cb35881337c1cb89584f7241dfd876daafa5ed875e7e95b6d86
-
Size
176KB
-
Sample
220212-gkytysgfg9
-
MD5
98d219ef049a8e1392df2b27a93d0acf
-
SHA1
952650b094e824a0dd13ece97dea33ea09946fc4
-
SHA256
11723c197be14cb35881337c1cb89584f7241dfd876daafa5ed875e7e95b6d86
-
SHA512
ef8b5142515f157910d1fbcc2774bdd0c5401b9565d23c936a261c8c76be13bbc0526bd5a12588bad7410f3aaf29ccc55b7050164bd10656ae1bdc58a49cf887
Static task
static1
Behavioral task
behavioral1
Sample
11723c197be14cb35881337c1cb89584f7241dfd876daafa5ed875e7e95b6d86.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
11723c197be14cb35881337c1cb89584f7241dfd876daafa5ed875e7e95b6d86.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
11723c197be14cb35881337c1cb89584f7241dfd876daafa5ed875e7e95b6d86
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-