General
-
Target
0bbdc10d88d7c515c2f93bff4b8607f3029ab6ef0efd8c8022e9d58458d9b6a5
-
Size
80KB
-
Sample
220212-jynbgshhc5
-
MD5
26935e64a48ff0c22f51ffb1f7843d54
-
SHA1
86b27bc0f97143a0fa64d1f31bf6a33db1edf131
-
SHA256
0bbdc10d88d7c515c2f93bff4b8607f3029ab6ef0efd8c8022e9d58458d9b6a5
-
SHA512
159529a04627f8601d2415f53995a7137b6e3134a9f6208c0937109e542d96b91dfb8946cd45bf03583a0ccf3bfa3c783b5dc83fbe95816c8ba817f130541efc
Static task
static1
Behavioral task
behavioral1
Sample
0bbdc10d88d7c515c2f93bff4b8607f3029ab6ef0efd8c8022e9d58458d9b6a5.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0bbdc10d88d7c515c2f93bff4b8607f3029ab6ef0efd8c8022e9d58458d9b6a5.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
0bbdc10d88d7c515c2f93bff4b8607f3029ab6ef0efd8c8022e9d58458d9b6a5
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-