General
Target: 0907040be98bb04fe0b7e3df99d7149a5c88944d9ca3c57f7bcd08be16a8f0a3
Size: 84KB
Sample: 220212-lshj6aage5
MD5: e955f6d624d65c0d2f6f928e2377a851
SHA1: 665338918e48673a29e19f7ec4509ff09653da5f
SHA256: 0907040be98bb04fe0b7e3df99d7149a5c88944d9ca3c57f7bcd08be16a8f0a3
SHA512: 1f786ecacc514c81b725387f90b1d43bd49746880aeaf14b71c5f6ba3f02dba260c17f1328c9ae37708a2112cc3b78b4b9c0cd72ccf6afadfd48a65e479b21f1
Static task: static1
Behavioral task: behavioral1
Sample: 0907040be98bb04fe0b7e3df99d7149a5c88944d9ca3c57f7bcd08be16a8f0a3.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0907040be98bb04fe0b7e3df99d7149a5c88944d9ca3c57f7bcd08be16a8f0a3.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application