General
-
Target
0e878fda6b8f8ce32e0e94222aaf5a2854d33e198130a8d6fff3f606ec8cf31c
-
Size
79KB
-
Sample
220212-hxpbqaahdl
-
MD5
82a3a79aa05c0eeaa09161bf2691370f
-
SHA1
e87e3aa099faf5824f25b379db38a4905242c306
-
SHA256
0e878fda6b8f8ce32e0e94222aaf5a2854d33e198130a8d6fff3f606ec8cf31c
-
SHA512
803ef3f007e891b0dbb04245b597787c65029d0e6d79738c579e3564328d73b19c91e832939994b7d2547dd31034f58806f2fac6ced2a617624e00409e1bea49
Static task
static1
Behavioral task
behavioral1
Sample
0e878fda6b8f8ce32e0e94222aaf5a2854d33e198130a8d6fff3f606ec8cf31c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0e878fda6b8f8ce32e0e94222aaf5a2854d33e198130a8d6fff3f606ec8cf31c.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
0e878fda6b8f8ce32e0e94222aaf5a2854d33e198130a8d6fff3f606ec8cf31c
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-