General
-
Target
0a27f4ddc87156a44b6dcde76289c6c3e19f61b198a731ad96b7624bbb7e7358
-
Size
99KB
-
Sample
220212-ldkqzaaeh3
-
MD5
c79472cb224ad9fc5d4bd22a482859ae
-
SHA1
af4e09f8a0ec1a800a85399c8bd5cc4d6d00b187
-
SHA256
0a27f4ddc87156a44b6dcde76289c6c3e19f61b198a731ad96b7624bbb7e7358
-
SHA512
9e47da182c3f498cbdd7cae698948816afffdf9723877fc169b81e9d19b2055de8aa3913a746afbe003fe0d7e5ca78e398a341f1a6fbb1eb92095311c64d024c
Static task
static1
Behavioral task
behavioral1
Sample
0a27f4ddc87156a44b6dcde76289c6c3e19f61b198a731ad96b7624bbb7e7358.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0a27f4ddc87156a44b6dcde76289c6c3e19f61b198a731ad96b7624bbb7e7358.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
0a27f4ddc87156a44b6dcde76289c6c3e19f61b198a731ad96b7624bbb7e7358
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-