General
-
Target
09bbf3bffecbd9efd0570e7736d3a963d2e2b84ed6323789734b9fadc2f8ed65
-
Size
80KB
-
Sample
220212-lhz2fsafd9
-
MD5
a81aca0ebd9222df0bcf7e0b11f69ae9
-
SHA1
7646215b4b20003bf1ea09c3c9b8e0660fea524b
-
SHA256
09bbf3bffecbd9efd0570e7736d3a963d2e2b84ed6323789734b9fadc2f8ed65
-
SHA512
14f36fbaa792c91699af4eeab445de096c6275205bf9b9d475093b8dcd2e625c90ea243e8c872e0b23dcdc82034e3360b7a242433f785174e014a1a3a1b85c21
Static task
static1
Behavioral task
behavioral1
Sample
09bbf3bffecbd9efd0570e7736d3a963d2e2b84ed6323789734b9fadc2f8ed65.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
09bbf3bffecbd9efd0570e7736d3a963d2e2b84ed6323789734b9fadc2f8ed65.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
09bbf3bffecbd9efd0570e7736d3a963d2e2b84ed6323789734b9fadc2f8ed65
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-