General
Target: 0dd9df1713a7adb825dbf06f1490b2df42ad96aab773252cf1eee702f0df9109
Size: 192KB
Sample: 220212-h6h63ahdh7
MD5: 1ed60c481ca02688c177e3cc73dfd992
SHA1: b30a662f49386fe9406f34a08bffb8940f95f5fd
SHA256: 0dd9df1713a7adb825dbf06f1490b2df42ad96aab773252cf1eee702f0df9109
SHA512: c292e82482910ec0f4071af036d1a468d8a56d802f114050afa6f560b92b0c0cd5d98240f02314e84851526b7cc4b6137914a91949cfb18ea4d1bf2325779b21
Static task: static1
Behavioral task: behavioral1
Sample: 0dd9df1713a7adb825dbf06f1490b2df42ad96aab773252cf1eee702f0df9109.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0dd9df1713a7adb825dbf06f1490b2df42ad96aab773252cf1eee702f0df9109.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 0dd9df1713a7adb825dbf06f1490b2df42ad96aab773252cf1eee702f0df9109
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application