General
-
Target
0edc26e68371e880e169d989f7f7ae4e7d52ea800af17bd530f4f7b9be50d929
-
Size
92KB
-
Sample
220212-hsxgjahcc8
-
MD5
c947c5f14492fbadab7a010d092c40e5
-
SHA1
f487dfc12b7d6fe69367ba16d9f84940fdf2b59c
-
SHA256
0edc26e68371e880e169d989f7f7ae4e7d52ea800af17bd530f4f7b9be50d929
-
SHA512
11e60d9d04c0e86cc162d5d57d303c184ba75085eec3d4bdf028b32cd046b739cab2e73ebe75871e07be5321c47435440840e639c2613d78b336b5ec9deab53d
Static task
static1
Behavioral task
behavioral1
Sample
0edc26e68371e880e169d989f7f7ae4e7d52ea800af17bd530f4f7b9be50d929.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0edc26e68371e880e169d989f7f7ae4e7d52ea800af17bd530f4f7b9be50d929.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0edc26e68371e880e169d989f7f7ae4e7d52ea800af17bd530f4f7b9be50d929
-
Size
92KB
-
MD5
c947c5f14492fbadab7a010d092c40e5
-
SHA1
f487dfc12b7d6fe69367ba16d9f84940fdf2b59c
-
SHA256
0edc26e68371e880e169d989f7f7ae4e7d52ea800af17bd530f4f7b9be50d929
-
SHA512
11e60d9d04c0e86cc162d5d57d303c184ba75085eec3d4bdf028b32cd046b739cab2e73ebe75871e07be5321c47435440840e639c2613d78b336b5ec9deab53d
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-