General
-
Target
0db2aa199afcc432726675f9f75a82e436e14b27e09c6cf837b9c43ff127b3f6
-
Size
99KB
-
Sample
220212-h8h9vabafp
-
MD5
caa074edf19cd9ab9dd4720682a6c90c
-
SHA1
33e03bb69e20f8d68b89c3ef18f742fff3578fc3
-
SHA256
0db2aa199afcc432726675f9f75a82e436e14b27e09c6cf837b9c43ff127b3f6
-
SHA512
5e5bf143dce2904b09325ee1ea58be6ebc9660e0035c1ad40404cb58cf28d53655bbbed5aa45ffc4812eb09a27b5d85d9d3c7d0f6d3bd637280e91ea1cf65f81
Static task
static1
Behavioral task
behavioral1
Sample
0db2aa199afcc432726675f9f75a82e436e14b27e09c6cf837b9c43ff127b3f6.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0db2aa199afcc432726675f9f75a82e436e14b27e09c6cf837b9c43ff127b3f6.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0db2aa199afcc432726675f9f75a82e436e14b27e09c6cf837b9c43ff127b3f6
-
Size
99KB
-
MD5
caa074edf19cd9ab9dd4720682a6c90c
-
SHA1
33e03bb69e20f8d68b89c3ef18f742fff3578fc3
-
SHA256
0db2aa199afcc432726675f9f75a82e436e14b27e09c6cf837b9c43ff127b3f6
-
SHA512
5e5bf143dce2904b09325ee1ea58be6ebc9660e0035c1ad40404cb58cf28d53655bbbed5aa45ffc4812eb09a27b5d85d9d3c7d0f6d3bd637280e91ea1cf65f81
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-