General
Target: 089acf4bb8efdc6b163776f58a4457e580c5074e61798087c44d627e58041124
Size: 92KB
Sample: 220212-lx49qaahb9
MD5: 57f355b14a2527388f82a7f585b42d47
SHA1: e2175df462bbc23f731ec8e3be28e7c72c5a49fd
SHA256: 089acf4bb8efdc6b163776f58a4457e580c5074e61798087c44d627e58041124
SHA512: 75f048f60ec0e12cd883fa7eab074d9fd178ddb9c993257919de4d80907ca66006447c4308f69d3bfd027b5185f448f6d2bc83362e867c71c57712bf9889b826
Static task: static1
Behavioral task: behavioral1
  Sample: 089acf4bb8efdc6b163776f58a4457e580c5074e61798087c44d627e58041124.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 089acf4bb8efdc6b163776f58a4457e580c5074e61798087c44d627e58041124.exe
  Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 089acf4bb8efdc6b163776f58a4457e580c5074e61798087c44d627e58041124
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application