General
-
Target
055c9a87250af9ebaa63c65fd03300d1a6ae2fc5637767ef7cbeb9391ee2d3cf
-
Size
192KB
-
Sample
220212-m661cadbgq
-
MD5
b679a58f7b1d8ff8a33314fcf226b4eb
-
SHA1
23604499cc666d3279b7a26c39ece82304158fef
-
SHA256
055c9a87250af9ebaa63c65fd03300d1a6ae2fc5637767ef7cbeb9391ee2d3cf
-
SHA512
9233ffa72f1917703fd6662ed94c659e296f132631442f8578afae30d0f3fa83c3c9b38d3d81700b1a9a6996abc8e9312ce432c5d990505a9892cd7843712ceb
Static task
static1
Behavioral task
behavioral1
Sample
055c9a87250af9ebaa63c65fd03300d1a6ae2fc5637767ef7cbeb9391ee2d3cf.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
055c9a87250af9ebaa63c65fd03300d1a6ae2fc5637767ef7cbeb9391ee2d3cf.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-