General
Target
0912a2740e33df0fa94767d2c0edb83a6c2b3d7056736a239deb24551c76640d
Size
101KB
Sample
220212-lrz3taage2
MD5
be5a680d4457f2544a48ec7e75a17fd5
SHA1
9fdfd2fbc8c4d312c5ae40faa3ee7f92ee0abb8e
SHA256
0912a2740e33df0fa94767d2c0edb83a6c2b3d7056736a239deb24551c76640d
SHA512
22e368e689ba5a370b9e028f219d4df2a8805e867673cd9d0cbe2f356a420a5b25779ac7b9bec06c564962d51a35771ef243053388e6843a9f4282909834a3c6
Static task
static1
Behavioral task
behavioral1
Sample
0912a2740e33df0fa94767d2c0edb83a6c2b3d7056736a239deb24551c76640d.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0912a2740e33df0fa94767d2c0edb83a6c2b3d7056736a239deb24551c76640d.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
0912a2740e33df0fa94767d2c0edb83a6c2b3d7056736a239deb24551c76640d
Score
10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application