General
Target: 08a271ddc6eec71758ae2a2de7c6cd35efd56e12c737768fa60777e884d7d10b
Size: 101KB
Sample: 220212-lxlglsahb4
MD5: cfe32cd97d3b59c8e6500e31eaefbee8
SHA1: 04d0c28b9da72b6419e88d45332fea71a5ae05d0
SHA256: 08a271ddc6eec71758ae2a2de7c6cd35efd56e12c737768fa60777e884d7d10b
SHA512: 2f9b5c0a71880a9bd3ff2dd161bc5e249d218d68ed2603e98c5d771462c235b4858b3c20f7c79a3c13dca554aafb5398847fc581bcb8dc76a4d2044b9fd653c9
Static task: static1
Behavioral task: behavioral1
Sample: 08a271ddc6eec71758ae2a2de7c6cd35efd56e12c737768fa60777e884d7d10b.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 08a271ddc6eec71758ae2a2de7c6cd35efd56e12c737768fa60777e884d7d10b.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 08a271ddc6eec71758ae2a2de7c6cd35efd56e12c737768fa60777e884d7d10b
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application