General
Target: 0e87d9fcfe6cd52604f842314ab1e7d288c6bbed298054b2bbef70948d453d7b
Size: 212KB
Sample: 220212-hxl7cshch3
MD5: 48f59e27e1c2c83b42e5ca93d2f18291
SHA1: dc83e284fb6f023d0e1b89d69b40ee45f56f2136
SHA256: 0e87d9fcfe6cd52604f842314ab1e7d288c6bbed298054b2bbef70948d453d7b
SHA512: 1f057e38e66d2a0c040e788fa9b8aca027b262b7d3c58b710c03f17406b0f2a6525f94480ff74cd34b76aecee1ddd8ce7d207b2a32d993d16d173ea6a545e2d4
Behavioral task: behavioral1
Sample: 0e87d9fcfe6cd52604f842314ab1e7d288c6bbed298054b2bbef70948d453d7b.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0e87d9fcfe6cd52604f842314ab1e7d288c6bbed298054b2bbef70948d453d7b.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 0e87d9fcfe6cd52604f842314ab1e7d288c6bbed298054b2bbef70948d453d7b
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application