General
- Target: 0b81113cddb6608d826c86d1981a4207557d5e357772a6bcba331e705db225b8
- Size: 92KB
- Sample: 220212-j33xqshhg6
- MD5: ca170c50e568b523505e083701986786
- SHA1: 1514d16cffc1db88ce1143cc6e4c6d72b0db7bef
- SHA256: 0b81113cddb6608d826c86d1981a4207557d5e357772a6bcba331e705db225b8
- SHA512: b4f5e738ca59a8728e2a37fca1107ef20dbddb750185a0139ba1c428b230c64f8ea7ce3146eac79fd3c16a7479f74698f6441dbc201b4e5b5aa22aaa57376301
Static task: static1
Behavioral task: behavioral1
- Sample: 0b81113cddb6608d826c86d1981a4207557d5e357772a6bcba331e705db225b8.exe
- Resource: win7-en-20211208
Behavioral task: behavioral2
- Sample: 0b81113cddb6608d826c86d1981a4207557d5e357772a6bcba331e705db225b8.exe
- Resource: win10v2004-en-20220112
Malware Config
Targets
- Target: 0b81113cddb6608d826c86d1981a4207557d5e357772a6bcba331e705db225b8
Score: 10/10
- Sakula Payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application