General
-
Target
0985df5e29fe59f922d77b606089810020f48725ec7fc4cb84b815ed6b876328
-
Size
80KB
-
Sample
220212-lktx8aafg3
-
MD5
0771a14c1e29190001baaa5cc4ab50ca
-
SHA1
3fd5214e57390911d3eb2a84bfc3ee6215c2a8a6
-
SHA256
0985df5e29fe59f922d77b606089810020f48725ec7fc4cb84b815ed6b876328
-
SHA512
1839870c0d08619076443d6705d4b3c0d64bd2328c6d10e0d70180523e35dc71e792310d2afe3792b979d0f38ca1fec5d0cc3d8b942cc52ba8a11904bd866667
Static task
static1
Behavioral task
behavioral1
Sample
0985df5e29fe59f922d77b606089810020f48725ec7fc4cb84b815ed6b876328.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0985df5e29fe59f922d77b606089810020f48725ec7fc4cb84b815ed6b876328.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
0985df5e29fe59f922d77b606089810020f48725ec7fc4cb84b815ed6b876328
-
Size
80KB
-
MD5
0771a14c1e29190001baaa5cc4ab50ca
-
SHA1
3fd5214e57390911d3eb2a84bfc3ee6215c2a8a6
-
SHA256
0985df5e29fe59f922d77b606089810020f48725ec7fc4cb84b815ed6b876328
-
SHA512
1839870c0d08619076443d6705d4b3c0d64bd2328c6d10e0d70180523e35dc71e792310d2afe3792b979d0f38ca1fec5d0cc3d8b942cc52ba8a11904bd866667
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-