General
Target
0da58db447dcdeacd572fb2e83b03e4244cbd9ea00516e3731b50f6681d4d357
Size
79KB
Sample
220212-h8staaheb9
MD5
f1bb11a03dc06d65a0df3a2da49d8e7b
SHA1
9d7bd4ea013bf34406d7bb9c500e25b29a158db0
SHA256
0da58db447dcdeacd572fb2e83b03e4244cbd9ea00516e3731b50f6681d4d357
SHA512
638c7f384d876618b608cdd75735b8c2fa0fc94573e9b8b07f445bd6e6be224df062de7000783bcb26be9d6928092878f9b5fe692c9bd18e5de248d8b376ba86
Static task
static1
Behavioral task
behavioral1
Sample
0da58db447dcdeacd572fb2e83b03e4244cbd9ea00516e3731b50f6681d4d357.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0da58db447dcdeacd572fb2e83b03e4244cbd9ea00516e3731b50f6681d4d357.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
0da58db447dcdeacd572fb2e83b03e4244cbd9ea00516e3731b50f6681d4d357
Score
10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application