General
-
Target
10b0db4452dcc705c7c6d48428162cb5a73423fd258ea0b56601f6b0723623a5
-
Size
216KB
-
Sample
220212-gw2d8aghb9
-
MD5
92bd0295f2b2ca150bd0d453254643d7
-
SHA1
302f7035949fac92c48e4db24dbbea9888394d89
-
SHA256
10b0db4452dcc705c7c6d48428162cb5a73423fd258ea0b56601f6b0723623a5
-
SHA512
cd7836e887aa8589a8d5043ebec9db8fca0aa7d8cc6e8bbf796abab4a8289ceef610ddaa235314936307bd97fbd36ff7ddf1c0f7d29e0867da73aa3d0a2a4fed
Static task
static1
Behavioral task
behavioral1
Sample
10b0db4452dcc705c7c6d48428162cb5a73423fd258ea0b56601f6b0723623a5.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
10b0db4452dcc705c7c6d48428162cb5a73423fd258ea0b56601f6b0723623a5.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
10b0db4452dcc705c7c6d48428162cb5a73423fd258ea0b56601f6b0723623a5
-
Size
216KB
-
MD5
92bd0295f2b2ca150bd0d453254643d7
-
SHA1
302f7035949fac92c48e4db24dbbea9888394d89
-
SHA256
10b0db4452dcc705c7c6d48428162cb5a73423fd258ea0b56601f6b0723623a5
-
SHA512
cd7836e887aa8589a8d5043ebec9db8fca0aa7d8cc6e8bbf796abab4a8289ceef610ddaa235314936307bd97fbd36ff7ddf1c0f7d29e0867da73aa3d0a2a4fed
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-