General
Target
10bca2a88b6fa182aac5f7423fa25c80f40fe37f5b697d5a7df48b0f597f0291
Size
99KB
Sample
220212-gv1fjaadgn
MD5
7d1fe5ce872c5713766f5b2c2df1d26d
SHA1
41195e9723c97386fcf222a992e9b814f2715d1e
SHA256
10bca2a88b6fa182aac5f7423fa25c80f40fe37f5b697d5a7df48b0f597f0291
SHA512
e4f38286f09f32e8a1b63ef28af0239bbfc4a31f1aeb2bff6b25f8b729121fc36f09cdbc18e219b70459a0976ee790259ca3f10a9e43fb7f37d655154a4cf4d7
Static task
static1
Behavioral task
behavioral1
Sample
10bca2a88b6fa182aac5f7423fa25c80f40fe37f5b697d5a7df48b0f597f0291.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
10bca2a88b6fa182aac5f7423fa25c80f40fe37f5b697d5a7df48b0f597f0291.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Score
10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application