General
-
Target
10a5481ac47af2d10bf339312938392ba9c59dd8dde56c72e4908c7b4d44aa75
-
Size
168KB
-
Sample
220212-gxqzwaghc7
-
MD5
f6315d56c3cd55feabf1adaf02604e74
-
SHA1
7d2d6659cca0ff4b848376c6f8c8f27e6f08e657
-
SHA256
10a5481ac47af2d10bf339312938392ba9c59dd8dde56c72e4908c7b4d44aa75
-
SHA512
fcc7b1814245e9494c1231ec47f627f342315776108c723fce9df149efe39f5092564ff01d57defcb0f91a34d3f7584d49e6d6c2a5762c6fd23096abf49c67c2
Static task
static1
Behavioral task
behavioral1
Sample
10a5481ac47af2d10bf339312938392ba9c59dd8dde56c72e4908c7b4d44aa75.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
10a5481ac47af2d10bf339312938392ba9c59dd8dde56c72e4908c7b4d44aa75.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
10a5481ac47af2d10bf339312938392ba9c59dd8dde56c72e4908c7b4d44aa75
-
Size
168KB
-
MD5
f6315d56c3cd55feabf1adaf02604e74
-
SHA1
7d2d6659cca0ff4b848376c6f8c8f27e6f08e657
-
SHA256
10a5481ac47af2d10bf339312938392ba9c59dd8dde56c72e4908c7b4d44aa75
-
SHA512
fcc7b1814245e9494c1231ec47f627f342315776108c723fce9df149efe39f5092564ff01d57defcb0f91a34d3f7584d49e6d6c2a5762c6fd23096abf49c67c2
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-