General
-
Target
0897434e86349228be72901e4127ace95fa3bb2475e2adefa2851f0221d3ca27
-
Size
152KB
-
Sample
220212-lybc2aahc4
-
MD5
8cdc21cba19c7031be6eda60c4934f43
-
SHA1
d4fb28b03fea48a0e3b95b76e13dcc3e3c5ad987
-
SHA256
0897434e86349228be72901e4127ace95fa3bb2475e2adefa2851f0221d3ca27
-
SHA512
5accedbf20aef38628f975123a1b25d88ecead7086ff20c0882e4b98f9c1c7a412c7299a9ef2e457318b47afcd374d6f8b54798f1b575abee030021ab7e1f404
Static task
static1
Behavioral task
behavioral1
Sample
0897434e86349228be72901e4127ace95fa3bb2475e2adefa2851f0221d3ca27.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0897434e86349228be72901e4127ace95fa3bb2475e2adefa2851f0221d3ca27.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
0897434e86349228be72901e4127ace95fa3bb2475e2adefa2851f0221d3ca27
-
Size
152KB
-
MD5
8cdc21cba19c7031be6eda60c4934f43
-
SHA1
d4fb28b03fea48a0e3b95b76e13dcc3e3c5ad987
-
SHA256
0897434e86349228be72901e4127ace95fa3bb2475e2adefa2851f0221d3ca27
-
SHA512
5accedbf20aef38628f975123a1b25d88ecead7086ff20c0882e4b98f9c1c7a412c7299a9ef2e457318b47afcd374d6f8b54798f1b575abee030021ab7e1f404
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-