General
-
Target
059fc0e0f5850c3b2160db0a3a24d4bab1b91f091db3b64d3d15c0dd9b5296f0
-
Size
191KB
-
Sample
220212-m3cx4abeb6
-
MD5
c14350d44e115ebc942f3f0d8a8b0b15
-
SHA1
6097e03fe65403fc00023565f9564b9fdce76323
-
SHA256
059fc0e0f5850c3b2160db0a3a24d4bab1b91f091db3b64d3d15c0dd9b5296f0
-
SHA512
8c500b5cf205d7a43faca30d836a60e87ad2a052f978172c99a258244ef33b0bd056ea58bab9c3f25b96e2411bfb67ccd5f5caed8cc8e6df06c77fbe9015c8d7
Static task
static1
Behavioral task
behavioral1
Sample
059fc0e0f5850c3b2160db0a3a24d4bab1b91f091db3b64d3d15c0dd9b5296f0.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
059fc0e0f5850c3b2160db0a3a24d4bab1b91f091db3b64d3d15c0dd9b5296f0.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
059fc0e0f5850c3b2160db0a3a24d4bab1b91f091db3b64d3d15c0dd9b5296f0
Score
10/10
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-