General
Target: 0b0d8d327dd7cba9afd43f018e3869b72c102504692ab76d784f5fa9b0abb8be
Size: 99KB
Sample: 220212-kbnjeaaag5
MD5: e7855c7952c3b86a7feee870e616bdfe
SHA1: 0fb98d2bbee7853d08b5a45b6d9d0952a885ee50
SHA256: 0b0d8d327dd7cba9afd43f018e3869b72c102504692ab76d784f5fa9b0abb8be
SHA512: 8d0544496982fdfa8e0797a8414ab9b1e5fabb94d441eab058fe4cc12e871f2d3af02489dcf942f10d0df576a10e265fcd10a884b0e77971dcec17292d03fa87
Static task: static1
Behavioral task: behavioral1
Sample: 0b0d8d327dd7cba9afd43f018e3869b72c102504692ab76d784f5fa9b0abb8be.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0b0d8d327dd7cba9afd43f018e3869b72c102504692ab76d784f5fa9b0abb8be.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application