General
-
Target
09341c9e794c78e3e03d6075b50780065bd51f4528ceb83ea7949e4b746ee656
-
Size
192KB
-
Sample
220212-lqbntsagc5
-
MD5
260745d98ce7d543a15a9cf827bafe3d
-
SHA1
00bc7b4c4d052d69e81072923e51e9479b801f79
-
SHA256
09341c9e794c78e3e03d6075b50780065bd51f4528ceb83ea7949e4b746ee656
-
SHA512
dd21f92900559371fcbe0dfde71fef660d9c9282c982e9b1c5d023a4b4064be7175725bcde04f1ff113c70a1b4870a99ee0c5e950e821cf7d37919b69429ee60
Static task
static1
Behavioral task
behavioral1
Sample
09341c9e794c78e3e03d6075b50780065bd51f4528ceb83ea7949e4b746ee656.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
09341c9e794c78e3e03d6075b50780065bd51f4528ceb83ea7949e4b746ee656.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-