General
-
Target
09b1ea4337c445e072144aad9547b0f058090299c03da26456854362451b21e5
-
Size
99KB
-
Sample
220212-lh8zcsafe4
-
MD5
4e25720731ad58d631c5434164ed179a
-
SHA1
19b3ca765f05058ae85830f935bad559c3eb4328
-
SHA256
09b1ea4337c445e072144aad9547b0f058090299c03da26456854362451b21e5
-
SHA512
ffbc28e733775e4e5fb35308923de7039a1d95605ff3935163026f6d9ae3f5868e567da04bba9a161011c56c79d45fe1327ed6228284bb74fe993473c9da0813
Static task
static1
Behavioral task
behavioral1
Sample
09b1ea4337c445e072144aad9547b0f058090299c03da26456854362451b21e5.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
09b1ea4337c445e072144aad9547b0f058090299c03da26456854362451b21e5.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
Target
09b1ea4337c445e072144aad9547b0f058090299c03da26456854362451b21e5
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application