General
-
Target
111e680556a2d906d58bfbf452d7fd1197b1f22b5223c7a3a33b4a435b4c7e84
-
Size
99KB
-
Sample
220212-gqt3ysgge7
-
MD5
c7b452a2e2a9aeeb1bb2b5096a50df08
-
SHA1
3773fc12c9d6de7b7112853cf3eed490588f3f1a
-
SHA256
111e680556a2d906d58bfbf452d7fd1197b1f22b5223c7a3a33b4a435b4c7e84
-
SHA512
4be5f55f7a39c4916d3e65433c5a7d11eee991ae98afb56999102cb90f2ffc3c11b45e84667a0118519e59ad961487fb8c6eca267da51b0bcafba640e4d03208
Static task
static1
Behavioral task
behavioral1
Sample
111e680556a2d906d58bfbf452d7fd1197b1f22b5223c7a3a33b4a435b4c7e84.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
111e680556a2d906d58bfbf452d7fd1197b1f22b5223c7a3a33b4a435b4c7e84.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
111e680556a2d906d58bfbf452d7fd1197b1f22b5223c7a3a33b4a435b4c7e84
-
Size
99KB
-
MD5
c7b452a2e2a9aeeb1bb2b5096a50df08
-
SHA1
3773fc12c9d6de7b7112853cf3eed490588f3f1a
-
SHA256
111e680556a2d906d58bfbf452d7fd1197b1f22b5223c7a3a33b4a435b4c7e84
-
SHA512
4be5f55f7a39c4916d3e65433c5a7d11eee991ae98afb56999102cb90f2ffc3c11b45e84667a0118519e59ad961487fb8c6eca267da51b0bcafba640e4d03208
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-