General
Target: 07eceea33c443c88d61550021824a61e84470489a001cafc2b0e01dcc94cca9b
Size: 80KB
Sample: 220212-l7h48scfcq
MD5: 8b54f5affc9a09286293c9ac1a9b32dd
SHA1: c8329fd729b5daa2733c9aee4563647b10c6e967
SHA256: 07eceea33c443c88d61550021824a61e84470489a001cafc2b0e01dcc94cca9b
SHA512: 16f7d869297e0e70d85c86842a21ecd9e2132077ca9d39f77a7e96a2e64872cf6ecf6807b4b73543de6ee71344318f2f5d8702907e0fb136905e4cbb3b57d5db
Static task: static1
Behavioral task: behavioral1
Sample: 07eceea33c443c88d61550021824a61e84470489a001cafc2b0e01dcc94cca9b.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 07eceea33c443c88d61550021824a61e84470489a001cafc2b0e01dcc94cca9b.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 07eceea33c443c88d61550021824a61e84470489a001cafc2b0e01dcc94cca9b
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application