General
-
Target
098141e7c82e48fc69a50e3edff0bcf9ff6e8669cbbbc03ffbe7f16cdd02f557
-
Size
191KB
-
Sample
220212-lk12jaafg5
-
MD5
a5a3b807c886b205b12d70d190bb37a9
-
SHA1
c191e5ab9df27b9f0049622d3d10cab7efa1f97e
-
SHA256
098141e7c82e48fc69a50e3edff0bcf9ff6e8669cbbbc03ffbe7f16cdd02f557
-
SHA512
6ac50ba34e59c65cf763735a6bace05c4c7c8474496ce30ca2118577fc8726b6d4564ffc53bf5c9faef95355e4bbb8017d0d907c522a39daf936577020804e59
Static task
static1
Behavioral task
behavioral1
Sample
098141e7c82e48fc69a50e3edff0bcf9ff6e8669cbbbc03ffbe7f16cdd02f557.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
098141e7c82e48fc69a50e3edff0bcf9ff6e8669cbbbc03ffbe7f16cdd02f557.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
098141e7c82e48fc69a50e3edff0bcf9ff6e8669cbbbc03ffbe7f16cdd02f557
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-