General
Target: 108f648bd4c81c61f23b60d7908dc2f7608702d5ff24082dfeb74212b6a8a85f
Size: 150KB
Sample: 220212-gysj4aghd8
MD5: bfe6ee0706b0d3ceb14b361926b1c4ec
SHA1: 14f31cf349e5373a17c6904319817876d061cdc8
SHA256: 108f648bd4c81c61f23b60d7908dc2f7608702d5ff24082dfeb74212b6a8a85f
SHA512: e669d8218ba1ee84a9638fc12b352a6bb8ea1a99fbc49137ef7cd838bfda9d752870ea0c7962bbe7d1c8f4c649c10c69393b003ce7d5dae5e5a836298f21530b
Static task: static1
Behavioral task: behavioral1
Sample: 108f648bd4c81c61f23b60d7908dc2f7608702d5ff24082dfeb74212b6a8a85f.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 108f648bd4c81c61f23b60d7908dc2f7608702d5ff24082dfeb74212b6a8a85f.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 108f648bd4c81c61f23b60d7908dc2f7608702d5ff24082dfeb74212b6a8a85f
Score: 10/10
- Sakula Payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application