General
Target: 0bd466ebaa0b76339c8dc6667c7d48d41ec117fe5957cbc3f1cb43257e5169de
Size: 80KB
Sample: 220212-jxye3abdhp
MD5: 539b88975e08ebb23fc3e38d2a748bcf
SHA1: 592e04fed97a048ba8cf613cfb1864b291a0f804
SHA256: 0bd466ebaa0b76339c8dc6667c7d48d41ec117fe5957cbc3f1cb43257e5169de
SHA512: 33246d5cb06e67fdb438e03fabecb6dea7662698a2aad6f1efb2030cf472541cfcb8c95d9fa988079424c46cb7e9b82d8d70eb7790470d90b0d253d056e85176

Static task: static1

Behavioral task: behavioral1
Sample: 0bd466ebaa0b76339c8dc6667c7d48d41ec117fe5957cbc3f1cb43257e5169de.exe
Resource: win7-en-20211208

Behavioral task: behavioral2
Sample: 0bd466ebaa0b76339c8dc6667c7d48d41ec117fe5957cbc3f1cb43257e5169de.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application