General
Target: 0a47dafa88b1bb5422276f28ade5cbd33df900dd56a40311ef61076e2b1b9e95
Size: 216KB
Sample: 220212-lbxmraaee4
MD5: ab3a91335ee0c1b96ceedfa96dc1595e
SHA1: 33186c8247d1d40765d2635fc5e71497a6c76249
SHA256: 0a47dafa88b1bb5422276f28ade5cbd33df900dd56a40311ef61076e2b1b9e95
SHA512: a560719a954c91ef4daabd524e071a838555fc92bce574efca514042046f70be5d0a9b7e628694a1ca5604bd81576519118f177fe40a4d94823e7285d211af42
Static task: static1
Behavioral task: behavioral1
Sample: 0a47dafa88b1bb5422276f28ade5cbd33df900dd56a40311ef61076e2b1b9e95.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0a47dafa88b1bb5422276f28ade5cbd33df900dd56a40311ef61076e2b1b9e95.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 0a47dafa88b1bb5422276f28ade5cbd33df900dd56a40311ef61076e2b1b9e95
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application