General
Target: 0b4e48fba903bd0b4394566d886809e75a563936201e4d06239970a6e3e3c8c6
Size: 79KB
Sample: 220212-j7fyrsbfaj
MD5: 1d15ab42a56c1ae77a83faa7d74b9afe
SHA1: 186021f276a3de52f9848e1969b234a6b6c367a4
SHA256: 0b4e48fba903bd0b4394566d886809e75a563936201e4d06239970a6e3e3c8c6
SHA512: 2875e6daf33590c93c7182d16d3c0c051526e49e77e728374e0b55150f28acd5a79a0f2cab78fd68cdf5a431c27372f38e8d8d206d833274f198796ee47036da
Static task: static1
Behavioral task: behavioral1
Sample: 0b4e48fba903bd0b4394566d886809e75a563936201e4d06239970a6e3e3c8c6.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0b4e48fba903bd0b4394566d886809e75a563936201e4d06239970a6e3e3c8c6.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 0b4e48fba903bd0b4394566d886809e75a563936201e4d06239970a6e3e3c8c6
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application