General
Target: 0efec64d0a07dfdbaf58e1f6e37c14be5c6c705106fea6e709c0b7a9d5ef7a02
Size: 92KB
Sample: 220212-hqkd7ahca5
MD5: fd86893d8eccbd35a56694913f311916
SHA1: d750323be92ec06d158b743572b8c7f0f7a939a1
SHA256: 0efec64d0a07dfdbaf58e1f6e37c14be5c6c705106fea6e709c0b7a9d5ef7a02
SHA512: adae3593f458a395e660ac9592706920cab2846e17d19850861299cb348d3a31216adebe93fbb45233a4129621404689d263e64021e92ac92576dcc620af98b9
Static task: static1
Behavioral task: behavioral1
Sample: 0efec64d0a07dfdbaf58e1f6e37c14be5c6c705106fea6e709c0b7a9d5ef7a02.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0efec64d0a07dfdbaf58e1f6e37c14be5c6c705106fea6e709c0b7a9d5ef7a02.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application