General
Target: 10df52f6e02ee88b2ffb36bc501b7f062e904ebea190d66143ebf0d35c0ea449
Size: 192KB
Sample: 220212-gtxy1sggh9
MD5: 11a173a32cf17a8e9a56a653401f18ce
SHA1: 50578ae584965e0fad3acaf8b26932846f622156
SHA256: 10df52f6e02ee88b2ffb36bc501b7f062e904ebea190d66143ebf0d35c0ea449
SHA512: ed0a73650ea5e37e1a5a34f92fc4e8931dc4c338ab8c5518492b6f89a71f443d1fc4c69a0e3b7c7866d4c19873c4a1d87ebdba8c8ef8bdae0c6cdcbd9eff08c6
Static task: static1
Behavioral task: behavioral1
Sample: 10df52f6e02ee88b2ffb36bc501b7f062e904ebea190d66143ebf0d35c0ea449.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 10df52f6e02ee88b2ffb36bc501b7f062e904ebea190d66143ebf0d35c0ea449.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application