General
Target: 0b3e128c6e2142567c49a4765a827f310aef830fee9efcfa50fb7b590d2d7cf2
Size: 101KB
Sample: 220212-j9ll2aaae7
MD5: 5c73f381c5b0c60fae0f5133c3e6cbc8
SHA1: 16919faedfed2ca29334e3560d5927193bfcc6e3
SHA256: 0b3e128c6e2142567c49a4765a827f310aef830fee9efcfa50fb7b590d2d7cf2
SHA512: c83512447d1d92abb86890a1515cbe7919dd9ec45c0ec3dbb18991a003ea9b739c49a4702b04295209e069edfb0d8a387b52fc3dc2a59edaf3841f234c7835bd
Static task: static1
Behavioral task: behavioral1
Sample: 0b3e128c6e2142567c49a4765a827f310aef830fee9efcfa50fb7b590d2d7cf2.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0b3e128c6e2142567c49a4765a827f310aef830fee9efcfa50fb7b590d2d7cf2.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 0b3e128c6e2142567c49a4765a827f310aef830fee9efcfa50fb7b590d2d7cf2
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application