General
Target
08210f1db18737882c4b473156a6d2080c42a347be51bc1cedd32d8f4ae280c7
Size
191KB
Sample
220212-l4t3bscehp
MD5
9abae7daf9452d49636ff6be95ce3569
SHA1
65653741558dafd4d4740f83bb283f669b9ae36b
SHA256
08210f1db18737882c4b473156a6d2080c42a347be51bc1cedd32d8f4ae280c7
SHA512
14afb505ead618ed6242a35c7b4cd40f1ea99b361d273c2ce9320045f01739d8fae9c839954b7b7ed4877e951a0b6c7aa01cb3d852e503d6b5c9387b084060ef
Static task
static1
Behavioral task
behavioral1
Sample
08210f1db18737882c4b473156a6d2080c42a347be51bc1cedd32d8f4ae280c7.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
08210f1db18737882c4b473156a6d2080c42a347be51bc1cedd32d8f4ae280c7.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
08210f1db18737882c4b473156a6d2080c42a347be51bc1cedd32d8f4ae280c7
Score
10/10

Sakula Payload

Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Deletes itself

Loads dropped DLL

Adds Run key to start application