General
-
Target
0f59b967edc7239c3d8869d516b06b25349f8d24a2a57f016094c9322194e0c7
-
Size
101KB
-
Sample
220212-heve1shbd6
-
MD5
ff9641541516d4a9967cc3ab3ee42645
-
SHA1
be27868c462630a5c8e000dffe49bff8a3c659e4
-
SHA256
0f59b967edc7239c3d8869d516b06b25349f8d24a2a57f016094c9322194e0c7
-
SHA512
cf4541029a619cd71fcab55bbb54b0289c8e00f2485ac9e1adbffde2071b6861ee158666f660ff01a73edd8abe0636289c5febb710ff6d26d16d56d37ce36a54
Static task
static1
Behavioral task
behavioral1
Sample
0f59b967edc7239c3d8869d516b06b25349f8d24a2a57f016094c9322194e0c7.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0f59b967edc7239c3d8869d516b06b25349f8d24a2a57f016094c9322194e0c7.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0f59b967edc7239c3d8869d516b06b25349f8d24a2a57f016094c9322194e0c7
-
Size
101KB
-
MD5
ff9641541516d4a9967cc3ab3ee42645
-
SHA1
be27868c462630a5c8e000dffe49bff8a3c659e4
-
SHA256
0f59b967edc7239c3d8869d516b06b25349f8d24a2a57f016094c9322194e0c7
-
SHA512
cf4541029a619cd71fcab55bbb54b0289c8e00f2485ac9e1adbffde2071b6861ee158666f660ff01a73edd8abe0636289c5febb710ff6d26d16d56d37ce36a54
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-