General
-
Target
109c4837746c61f7a6a4081859fe47c99efcb4e5283b62365c1c0837cc3662e8
-
Size
99KB
-
Sample
220212-gx7ydsaear
-
MD5
8690440d4f855c2d03e5039eb7caa2d5
-
SHA1
39ac37805929f32575a8ba762d3d454f5c0f02d4
-
SHA256
109c4837746c61f7a6a4081859fe47c99efcb4e5283b62365c1c0837cc3662e8
-
SHA512
e9b5ac2bcfd722a36c60a896058f5616f124b4169a6bab4aa0d1f7482fe2145473cfe5206fa02a8211be74ef9fcc007c9c3e248f0eb9a15b1bb7e06ac6570ef9
Static task
static1
Behavioral task
behavioral1
Sample
109c4837746c61f7a6a4081859fe47c99efcb4e5283b62365c1c0837cc3662e8.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
109c4837746c61f7a6a4081859fe47c99efcb4e5283b62365c1c0837cc3662e8.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
109c4837746c61f7a6a4081859fe47c99efcb4e5283b62365c1c0837cc3662e8
-
Size
99KB
-
MD5
8690440d4f855c2d03e5039eb7caa2d5
-
SHA1
39ac37805929f32575a8ba762d3d454f5c0f02d4
-
SHA256
109c4837746c61f7a6a4081859fe47c99efcb4e5283b62365c1c0837cc3662e8
-
SHA512
e9b5ac2bcfd722a36c60a896058f5616f124b4169a6bab4aa0d1f7482fe2145473cfe5206fa02a8211be74ef9fcc007c9c3e248f0eb9a15b1bb7e06ac6570ef9
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-