General
Target: 0976a63cdb77bf2945b72b01e3e20d7c961566177d5a98703e753acca1d1a55b
Size: 176KB
Sample: 220212-llzvvsafh7
MD5: ada8ef4ef4ac4570e23a51b480e7ec10
SHA1: 8d43b967540a9b0c69b989c6e5a23623f0b42831
SHA256: 0976a63cdb77bf2945b72b01e3e20d7c961566177d5a98703e753acca1d1a55b
SHA512: 278ffd26e7f0028c522063497af7c3ced8c9acb8c39c734490414888e874a4c7b55964eaef6f9ac26894c910f18ffd0746853b210cfd919d4f3a2ae44eb0c268
Static task: static1
Behavioral task: behavioral1
Sample: 0976a63cdb77bf2945b72b01e3e20d7c961566177d5a98703e753acca1d1a55b.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0976a63cdb77bf2945b72b01e3e20d7c961566177d5a98703e753acca1d1a55b.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 0976a63cdb77bf2945b72b01e3e20d7c961566177d5a98703e753acca1d1a55b
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application