General
-
Target
0be88ec4731d800bfa3b47cba7fe1f220844e187faba227a7d5fd9abd9562571
-
Size
191KB
-
Sample
220212-jwt19ahha3
-
MD5
0d7339a273911575be1efdee44bc7a48
-
SHA1
537114b4cdc9ff337c4a896af04c9d072ee99081
-
SHA256
0be88ec4731d800bfa3b47cba7fe1f220844e187faba227a7d5fd9abd9562571
-
SHA512
da654aff4fe9af76c384fcfcc2f3026b17493e5d4d498dab96c17966893f491e9490afd67de3a94f4a1b508c106a52de53738e98f9eaa9e032b6d0f2bb3c4f9b
Static task
static1
Behavioral task
behavioral1
Sample
0be88ec4731d800bfa3b47cba7fe1f220844e187faba227a7d5fd9abd9562571.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0be88ec4731d800bfa3b47cba7fe1f220844e187faba227a7d5fd9abd9562571.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
0be88ec4731d800bfa3b47cba7fe1f220844e187faba227a7d5fd9abd9562571
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-