General
-
Target
09c3ca4af8a2b614932dd1b1f1aa375dac1503c7208f773dfd46bcf6539c7915
-
Size
79KB
-
Sample
220212-lhq4jsccdj
-
MD5
6beea83af352b25b71073388e945770d
-
SHA1
918d34a49f2a636fdd0840fc375a34bffdcf9b21
-
SHA256
09c3ca4af8a2b614932dd1b1f1aa375dac1503c7208f773dfd46bcf6539c7915
-
SHA512
b3504851164677dcb3cd0461c0ee386b7129d0b60dbb9b3cbb547437fe498679da9a886025513a74d17b42d004b3cf4e8177b31f67bc183c375ac7876c1f108e
Static task
static1
Behavioral task
behavioral1
Sample
09c3ca4af8a2b614932dd1b1f1aa375dac1503c7208f773dfd46bcf6539c7915.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
09c3ca4af8a2b614932dd1b1f1aa375dac1503c7208f773dfd46bcf6539c7915.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
09c3ca4af8a2b614932dd1b1f1aa375dac1503c7208f773dfd46bcf6539c7915
-
Size
79KB
-
MD5
6beea83af352b25b71073388e945770d
-
SHA1
918d34a49f2a636fdd0840fc375a34bffdcf9b21
-
SHA256
09c3ca4af8a2b614932dd1b1f1aa375dac1503c7208f773dfd46bcf6539c7915
-
SHA512
b3504851164677dcb3cd0461c0ee386b7129d0b60dbb9b3cbb547437fe498679da9a886025513a74d17b42d004b3cf4e8177b31f67bc183c375ac7876c1f108e
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-