General
-
Target
110424f1d0a32b2dde22abc188793832f38fe5fd28e8c05c1f9d6a2453fa8b25
-
Size
99KB
-
Sample
220212-gr8mqsaddr
-
MD5
1c8dab60c1ed3d723615cf08569c0e22
-
SHA1
09b3376d4974e887a01ffb0e42f13f92c0ca9d79
-
SHA256
110424f1d0a32b2dde22abc188793832f38fe5fd28e8c05c1f9d6a2453fa8b25
-
SHA512
ff93f6fe428051f68a8069e2b728db06b97a4d5d392b733e171ed57f1861574c7e1f588cfde18f223f39691fe6a2fde07ce2b8649db8a6ee4ae1a889f47d86ee
Static task
static1
Behavioral task
behavioral1
Sample
110424f1d0a32b2dde22abc188793832f38fe5fd28e8c05c1f9d6a2453fa8b25.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
110424f1d0a32b2dde22abc188793832f38fe5fd28e8c05c1f9d6a2453fa8b25.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
110424f1d0a32b2dde22abc188793832f38fe5fd28e8c05c1f9d6a2453fa8b25
-
Size
99KB
-
MD5
1c8dab60c1ed3d723615cf08569c0e22
-
SHA1
09b3376d4974e887a01ffb0e42f13f92c0ca9d79
-
SHA256
110424f1d0a32b2dde22abc188793832f38fe5fd28e8c05c1f9d6a2453fa8b25
-
SHA512
ff93f6fe428051f68a8069e2b728db06b97a4d5d392b733e171ed57f1861574c7e1f588cfde18f223f39691fe6a2fde07ce2b8649db8a6ee4ae1a889f47d86ee
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-