General
-
Target
0f6ebe9c0d86969117a75238bb51ecf4d2e73a2efdb503bd7d7aa2eb392b813a
-
Size
80KB
-
Sample
220212-hd24gaagan
-
MD5
8d842edb121e09b42191396ceb0983c5
-
SHA1
4d65c006350f7dc147ba3ee0a740920a64882d3f
-
SHA256
0f6ebe9c0d86969117a75238bb51ecf4d2e73a2efdb503bd7d7aa2eb392b813a
-
SHA512
fae5527e9be929fada94ebcb9849d406fec1aded418cbcf05c63202e2b857e5db5d51cd11872ea32cc5ac68ef0a1861f5f90684f2b78e21ed1a9b30b756f9405
Static task
static1
Behavioral task
behavioral1
Sample
0f6ebe9c0d86969117a75238bb51ecf4d2e73a2efdb503bd7d7aa2eb392b813a.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0f6ebe9c0d86969117a75238bb51ecf4d2e73a2efdb503bd7d7aa2eb392b813a.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0f6ebe9c0d86969117a75238bb51ecf4d2e73a2efdb503bd7d7aa2eb392b813a
-
Size
80KB
-
MD5
8d842edb121e09b42191396ceb0983c5
-
SHA1
4d65c006350f7dc147ba3ee0a740920a64882d3f
-
SHA256
0f6ebe9c0d86969117a75238bb51ecf4d2e73a2efdb503bd7d7aa2eb392b813a
-
SHA512
fae5527e9be929fada94ebcb9849d406fec1aded418cbcf05c63202e2b857e5db5d51cd11872ea32cc5ac68ef0a1861f5f90684f2b78e21ed1a9b30b756f9405
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-