General
-
Target
09aab2e374d4d8c0df66bc72ad1d91b6c005be504a07d2f43de58ed8018807a4
-
Size
99KB
-
Sample
220212-ljtaasaff4
-
MD5
85e6b105ed928568d652a411badd517a
-
SHA1
73545d58753259aa6c273c0cb328bde386285f98
-
SHA256
09aab2e374d4d8c0df66bc72ad1d91b6c005be504a07d2f43de58ed8018807a4
-
SHA512
75e64be7a8d6f12b2063ecd1f39074cefe9931f421a542a6b77af9f16ee6399549b14ddf686d552ad9f43237aea17d6e0de50d457b966bd543b8acb871a0f34a
Static task
static1
Behavioral task
behavioral1
Sample
09aab2e374d4d8c0df66bc72ad1d91b6c005be504a07d2f43de58ed8018807a4.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
09aab2e374d4d8c0df66bc72ad1d91b6c005be504a07d2f43de58ed8018807a4.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
09aab2e374d4d8c0df66bc72ad1d91b6c005be504a07d2f43de58ed8018807a4
-
Size
99KB
-
MD5
85e6b105ed928568d652a411badd517a
-
SHA1
73545d58753259aa6c273c0cb328bde386285f98
-
SHA256
09aab2e374d4d8c0df66bc72ad1d91b6c005be504a07d2f43de58ed8018807a4
-
SHA512
75e64be7a8d6f12b2063ecd1f39074cefe9931f421a542a6b77af9f16ee6399549b14ddf686d552ad9f43237aea17d6e0de50d457b966bd543b8acb871a0f34a
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-