General
-
Target
113e316c5c2d7d2ea98c3afe11316a0b71c45224ac272560e15c8dbd529f510a
-
Size
216KB
-
Sample
220212-gnvxgaggc4
-
MD5
5283e1cbe4a966a760a68820e25eac74
-
SHA1
1dcc2ff1a6c55621e22009e7fb4348db2b0b2633
-
SHA256
113e316c5c2d7d2ea98c3afe11316a0b71c45224ac272560e15c8dbd529f510a
-
SHA512
b34bb8a186a44d88b4ecae1c85978a7dbb8b4f63d17fdbafd72b26d597688d3c978f9da776b175a5a41c54b547b03b0d19c4af686bd893cc693a65618c1a177f
Static task
static1
Behavioral task
behavioral1
Sample
113e316c5c2d7d2ea98c3afe11316a0b71c45224ac272560e15c8dbd529f510a.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
113e316c5c2d7d2ea98c3afe11316a0b71c45224ac272560e15c8dbd529f510a.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
113e316c5c2d7d2ea98c3afe11316a0b71c45224ac272560e15c8dbd529f510a
-
Size
216KB
-
MD5
5283e1cbe4a966a760a68820e25eac74
-
SHA1
1dcc2ff1a6c55621e22009e7fb4348db2b0b2633
-
SHA256
113e316c5c2d7d2ea98c3afe11316a0b71c45224ac272560e15c8dbd529f510a
-
SHA512
b34bb8a186a44d88b4ecae1c85978a7dbb8b4f63d17fdbafd72b26d597688d3c978f9da776b175a5a41c54b547b03b0d19c4af686bd893cc693a65618c1a177f
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-