General
-
Target
10840bc7ae3c97f43e9eb6f5d94e6eeada279590e427e5da77909ba67c370019
-
Size
216KB
-
Sample
220212-gzp6csghe9
-
MD5
358182eec28d565959f49a14783e5c89
-
SHA1
dc67a7e61fc74752ad700922ded0275c07b58d39
-
SHA256
10840bc7ae3c97f43e9eb6f5d94e6eeada279590e427e5da77909ba67c370019
-
SHA512
ab0144eb7bca3dc6f8252d6f8d7f37236017d7356c5c0ef422e429cc3b3ebc6984833b6ce3b2d772f296d04c52026f5987b4480573ee3da41a94537e22eac16b
Static task
static1
Behavioral task
behavioral1
Sample
10840bc7ae3c97f43e9eb6f5d94e6eeada279590e427e5da77909ba67c370019.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
10840bc7ae3c97f43e9eb6f5d94e6eeada279590e427e5da77909ba67c370019.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
10840bc7ae3c97f43e9eb6f5d94e6eeada279590e427e5da77909ba67c370019
Score 10/10
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-