General
-
Target
07ba49d903b0de909215d2f1d8d679ae69fb18c52d5aa3d5df005413cd71e210
-
Size
191KB
-
Sample
220212-majvyabaf4
-
MD5
d0458ca0f9d8f92ad58803d9e73d52c8
-
SHA1
a3f2deefa72c699cd49f2534805f60c0c89b2011
-
SHA256
07ba49d903b0de909215d2f1d8d679ae69fb18c52d5aa3d5df005413cd71e210
-
SHA512
38019cbe7ee13bd49934475bbe30cb20575ef14ee4b08ff2b42d8fecde664d6e39fcb29ab65b5a39b926daceb18b9391e3a6134a88382bc73f7cf329050ea6d7
Static task
static1
Behavioral task
behavioral1
Sample
07ba49d903b0de909215d2f1d8d679ae69fb18c52d5aa3d5df005413cd71e210.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
07ba49d903b0de909215d2f1d8d679ae69fb18c52d5aa3d5df005413cd71e210.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
07ba49d903b0de909215d2f1d8d679ae69fb18c52d5aa3d5df005413cd71e210
Score
10/10
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-