General
-
Target
0dbe0b854ffb4de62e1c1ff4532d360b60a228207001413f5941117158e9512c
-
Size
150KB
-
Sample
220212-h71shaheb2
-
MD5
3bc375bbe93ee08a461fd1bf42c79b75
-
SHA1
c04e6a527584761c5b77138c218d1e8be81e08e3
-
SHA256
0dbe0b854ffb4de62e1c1ff4532d360b60a228207001413f5941117158e9512c
-
SHA512
c380a6e7d06a89d5e860fb721ae7c998f9ac0b54742169685bced238c1339ef786d363ffe2b6ec5ab35e517c4c5d680d061d432eab6a4626949a8ce3329ae720
Static task
static1
Behavioral task
behavioral1
Sample
0dbe0b854ffb4de62e1c1ff4532d360b60a228207001413f5941117158e9512c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0dbe0b854ffb4de62e1c1ff4532d360b60a228207001413f5941117158e9512c.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
0dbe0b854ffb4de62e1c1ff4532d360b60a228207001413f5941117158e9512c
-
Size
150KB
-
MD5
3bc375bbe93ee08a461fd1bf42c79b75
-
SHA1
c04e6a527584761c5b77138c218d1e8be81e08e3
-
SHA256
0dbe0b854ffb4de62e1c1ff4532d360b60a228207001413f5941117158e9512c
-
SHA512
c380a6e7d06a89d5e860fb721ae7c998f9ac0b54742169685bced238c1339ef786d363ffe2b6ec5ab35e517c4c5d680d061d432eab6a4626949a8ce3329ae720
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-