General
Target: 097e523e8de14510cc0df2fac9c85fecc2b022588cc7ffd3c804ff784eed9b12
Size: 80KB
Sample: 220212-lk51gsccfl
MD5: a732594ff9f11fd6fb0ee553a5d0ed99
SHA1: c7ff38ae1f1bd314a89baeaebbda29410ea32e39
SHA256: 097e523e8de14510cc0df2fac9c85fecc2b022588cc7ffd3c804ff784eed9b12
SHA512: 4289630dcb9764adc4456f1fac3a511f6ba55f1404a4f387a05e6bab1a7a7c8067b55949d9eee3617dfb0669de5014c42ff9e3ffe0785d839637229017ecb8c1
Static task: static1
Behavioral task: behavioral1
Sample: 097e523e8de14510cc0df2fac9c85fecc2b022588cc7ffd3c804ff784eed9b12.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 097e523e8de14510cc0df2fac9c85fecc2b022588cc7ffd3c804ff784eed9b12.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 097e523e8de14510cc0df2fac9c85fecc2b022588cc7ffd3c804ff784eed9b12
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application