General
Target: 0ce9fd81347138b856dc7b6c010038096c8f78cd053806056adf7468f7c66712
Size: 192KB
Sample: 220212-jjcw7shff6
MD5: 621956675cd9433813161011c9a4686e
SHA1: 7f49b948231b1a763170a82ae365e879b2d7de32
SHA256: 0ce9fd81347138b856dc7b6c010038096c8f78cd053806056adf7468f7c66712
SHA512: 942b0ff47ec3a0e8a77b3b4dce5ce6d02d1a2d18780d0fb41e20c7d5d0a1defeb8cbb6593b872f528f99b0a7131f9a9d9d8d82e8d0b9285fd2feae39a4a34464
Static task: static1
Behavioral task: behavioral1
Sample: 0ce9fd81347138b856dc7b6c010038096c8f78cd053806056adf7468f7c66712.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0ce9fd81347138b856dc7b6c010038096c8f78cd053806056adf7468f7c66712.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 0ce9fd81347138b856dc7b6c010038096c8f78cd053806056adf7468f7c66712
Score: 10/10
- Sakula Payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application