General
-
Target
0d6ffd2be024ed0e4672f7894635ffc3860895a7b12b18e9d3cf16cd44f8989f
-
Size
36KB
-
Sample
220212-jbr16abbam
-
MD5
1a161edfc85358a0fd3beb9f124c82ea
-
SHA1
2c9c8cf4c3978223988d4213aa483c5c444862c4
-
SHA256
0d6ffd2be024ed0e4672f7894635ffc3860895a7b12b18e9d3cf16cd44f8989f
-
SHA512
bd53d051fb756e7b8fd96eb51e37f41aa172b640020a35c74a5336e1b4a2440d84f6f78872762a69ae3b43403bfd5aa639cc953825a02a756979acfc61c68ea6
Static task
static1
Behavioral task
behavioral1
Sample
0d6ffd2be024ed0e4672f7894635ffc3860895a7b12b18e9d3cf16cd44f8989f.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0d6ffd2be024ed0e4672f7894635ffc3860895a7b12b18e9d3cf16cd44f8989f.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
0d6ffd2be024ed0e4672f7894635ffc3860895a7b12b18e9d3cf16cd44f8989f
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-