General
Target: 087457cee9fd4660933d58b30057e9ff3d61f3039f99578bb1af04ffed956c18
Size: 216KB
Sample: 220212-l1f2asahd8
MD5: 1dc521319b2ea7e2af2f2b80b35e6425
SHA1: cafde0d86edc6ef65f81395ecc93022754408a33
SHA256: 087457cee9fd4660933d58b30057e9ff3d61f3039f99578bb1af04ffed956c18
SHA512: e72ecb6260399f657de6f3e361c92f4c2b733273111c36b30f4c91d302f1a2b74b094f93c29d155f8ca31874f247024abbb27579fa1188d68bb1a7bf42f89554
Static task: static1
Behavioral task: behavioral1
Sample: 087457cee9fd4660933d58b30057e9ff3d61f3039f99578bb1af04ffed956c18.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 087457cee9fd4660933d58b30057e9ff3d61f3039f99578bb1af04ffed956c18.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 087457cee9fd4660933d58b30057e9ff3d61f3039f99578bb1af04ffed956c18
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application