General
Target: 11345359b634c183e330196466dc70b8e0feaee70a419b1ea012707967b9e484
Size: 150KB
Sample: 220212-gpelwaggd4
MD5: b5d3c0728736eeb2227e4e92cf9f5d58
SHA1: 99c367f1252bd0f1611a1a3c7c41c9164e820636
SHA256: 11345359b634c183e330196466dc70b8e0feaee70a419b1ea012707967b9e484
SHA512: bbb4112e6f827abcc9bac7d5713176eef0773d34caee4fde1ebfb4ab3d43f1284fe7c387a3f3999e7555d9eb7dbf42aa3603d5c6c79a99764932d3e4e85154b1
Static task: static1
Behavioral task: behavioral1
  Sample: 11345359b634c183e330196466dc70b8e0feaee70a419b1ea012707967b9e484.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 11345359b634c183e330196466dc70b8e0feaee70a419b1ea012707967b9e484.exe
  Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 11345359b634c183e330196466dc70b8e0feaee70a419b1ea012707967b9e484
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application