General
Target: 091674d68f96e87a61860a4d7e09ef6ca38d84009b98c6d0623f2b8e39d54ae8
Size: 80KB
Sample: 220212-lrn1jscddp
MD5: f4a2c96374007d7a3229990740e0a9b0
SHA1: 68988c5af539e277a99644d60de3f68295229635
SHA256: 091674d68f96e87a61860a4d7e09ef6ca38d84009b98c6d0623f2b8e39d54ae8
SHA512: 32ee4422e877eef3a1b9745c32f9c2e367aedadd7596b9c3d188cff510c8bb4d6c5315203ec419b04bea2bdda0315eea95afb53d97157bb9aa8088a40d2c7672
Static task: static1
Behavioral task: behavioral1
Sample: 091674d68f96e87a61860a4d7e09ef6ca38d84009b98c6d0623f2b8e39d54ae8.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 091674d68f96e87a61860a4d7e09ef6ca38d84009b98c6d0623f2b8e39d54ae8.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 091674d68f96e87a61860a4d7e09ef6ca38d84009b98c6d0623f2b8e39d54ae8
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application