General
Target: 0aa89b7c69a7c5e5753067b1dd783103568b58ed2b0964ef8699ecbe83877955
Size: 216KB
Sample: 220212-k7nt2saea7
MD5: 4a86825ecb1de84add3a246ca1ba2532
SHA1: c24cfdcfef3429f2c21f503a8928a164aa042e1e
SHA256: 0aa89b7c69a7c5e5753067b1dd783103568b58ed2b0964ef8699ecbe83877955
SHA512: f55373423138469c34b4e41b88261f06509a9a0acba6de0d736be5782a0d20991c3fdf6f04f998152ee25809af4515be5d2143a2ea23a830be8e5a014600fd1b
Static task: static1
Behavioral task: behavioral1
Sample: 0aa89b7c69a7c5e5753067b1dd783103568b58ed2b0964ef8699ecbe83877955.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0aa89b7c69a7c5e5753067b1dd783103568b58ed2b0964ef8699ecbe83877955.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 0aa89b7c69a7c5e5753067b1dd783103568b58ed2b0964ef8699ecbe83877955
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application