General
Target: 0b1f799872efa4104694ac8a61833379042d9eeafd1f8cd7c5d670af62d52be6
Size: 80KB
Sample: 220212-ka7wnaaag2
MD5: 0d844ac3cee87911d980fd7761bbf41e
SHA1: 815a79e302f61470a94c7b248f84eb1432bae43f
SHA256: 0b1f799872efa4104694ac8a61833379042d9eeafd1f8cd7c5d670af62d52be6
SHA512: 2453bbc148fe3ac9a4851d10957188b6fea17f15550b871bfd09ede1f6aab093b0a3738bb71ba5daeaa97a2ef5848fdf2eae1c255f6ab68334ae99455b879d36
Static task: static1
Behavioral task: behavioral1
  Sample: 0b1f799872efa4104694ac8a61833379042d9eeafd1f8cd7c5d670af62d52be6.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 0b1f799872efa4104694ac8a61833379042d9eeafd1f8cd7c5d670af62d52be6.exe
  Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application