General
-
Target
0d7c81e04d3496c37e898b0f182bd05047514c6d4d59417b1a3046576016f1d8
-
Size
99KB
-
Sample
220212-jaysbabahm
-
MD5
5d1c15e90754e64146c8795404770fb6
-
SHA1
e3767b712a8622c4854e7e35f397b64cbfdfe4d3
-
SHA256
0d7c81e04d3496c37e898b0f182bd05047514c6d4d59417b1a3046576016f1d8
-
SHA512
df39564d0cd2b287ad467aa1edd4a8f3c2dd04f66abe331349c3285d3c6c744c2c3712bef375dfeb032fd547095399aaea278a5154f5bb438c493c3fd49eae78
Static task
static1
Behavioral task
behavioral1
Sample
0d7c81e04d3496c37e898b0f182bd05047514c6d4d59417b1a3046576016f1d8.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0d7c81e04d3496c37e898b0f182bd05047514c6d4d59417b1a3046576016f1d8.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0d7c81e04d3496c37e898b0f182bd05047514c6d4d59417b1a3046576016f1d8
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-