General
Target
0ace0bba5a909515268e0e2b08766b3c1fd9f55c574eb674f8ad18d2266c0e90
Size
89KB
Sample
220212-k4x9baadg2
MD5
cfa7f8efdadc9428e1ad9634d729fb6a
SHA1
94fff97b3361cbeb2f3205eb12df61102aeaeba9
SHA256
0ace0bba5a909515268e0e2b08766b3c1fd9f55c574eb674f8ad18d2266c0e90
SHA512
87dfda0ec2b3ffb089abbb5e11532c20e4f335d102bd72e0bd68ae30677a1798a882a3b9552a8b894ceecbad66aebb4cd6dda5ac161ca3b9696f718ecfa012cc
Static task
static1
Behavioral task
behavioral1
Sample
0ace0bba5a909515268e0e2b08766b3c1fd9f55c574eb674f8ad18d2266c0e90.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0ace0bba5a909515268e0e2b08766b3c1fd9f55c574eb674f8ad18d2266c0e90.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Score 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application