General
-
Target
0e4f04cd33cb4217381c544440d95c0afb51b8b2d091c6b0634a4b17683745d9
-
Size
191KB
-
Sample
220212-hzlcvahda9
-
MD5
5b09c0cd44a846f4cb26fbff79254e1a
-
SHA1
2c9d022692f996793076804cbe7f32847dfb7e55
-
SHA256
0e4f04cd33cb4217381c544440d95c0afb51b8b2d091c6b0634a4b17683745d9
-
SHA512
7d0446ed58b2648a03cfbe6550923fd549428adb72fc2e0341047feb3dfecd2ec3a29a44131d6218362b132c75f2e90bed57d853e78db4c94400f9b8283a3464
Static task
static1
Behavioral task
behavioral1
Sample
0e4f04cd33cb4217381c544440d95c0afb51b8b2d091c6b0634a4b17683745d9.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0e4f04cd33cb4217381c544440d95c0afb51b8b2d091c6b0634a4b17683745d9.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
0e4f04cd33cb4217381c544440d95c0afb51b8b2d091c6b0634a4b17683745d9
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-