General
-
Target
0dd2f95ab33eeccb4d6d4485f499ed32aa76ef2dd36d56d75d47aa4943cd340e
-
Size
216KB
-
Sample
220212-h6qadahdh8
-
MD5
98f065347843bde16fb0c96042555b63
-
SHA1
726e024f15cb8f4cb4d2602c20f3056ffbe485cb
-
SHA256
0dd2f95ab33eeccb4d6d4485f499ed32aa76ef2dd36d56d75d47aa4943cd340e
-
SHA512
f655eb49c0eb6dc6ae85ff896bf20eccc33bcfbad06734fc28ecafb29522d13f4859c9a9a610e392587ce11de32e0e042e8f860076394bc35333cdac46a00bf8
Static task
static1
Behavioral task
behavioral1
Sample
0dd2f95ab33eeccb4d6d4485f499ed32aa76ef2dd36d56d75d47aa4943cd340e.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0dd2f95ab33eeccb4d6d4485f499ed32aa76ef2dd36d56d75d47aa4943cd340e.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0dd2f95ab33eeccb4d6d4485f499ed32aa76ef2dd36d56d75d47aa4943cd340e
-
Size
216KB
-
MD5
98f065347843bde16fb0c96042555b63
-
SHA1
726e024f15cb8f4cb4d2602c20f3056ffbe485cb
-
SHA256
0dd2f95ab33eeccb4d6d4485f499ed32aa76ef2dd36d56d75d47aa4943cd340e
-
SHA512
f655eb49c0eb6dc6ae85ff896bf20eccc33bcfbad06734fc28ecafb29522d13f4859c9a9a610e392587ce11de32e0e042e8f860076394bc35333cdac46a00bf8
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-