General
Target: 07ab635c4c27a916bffbe797fec67f5d5a406ec5cc3ba7692df8150436522baf
Size: 216KB
Sample: 220212-mbdejsbag5
MD5: b01ff1f0dd829dbdf4fe781a858f8b29
SHA1: 97b38e9b4e0ac34635c6af27ee037ae9519b1cf2
SHA256: 07ab635c4c27a916bffbe797fec67f5d5a406ec5cc3ba7692df8150436522baf
SHA512: f1756a3424699f8dc800a2696b01e0a571f0dfbc63f00c75ca7cd3f91647604f652e48e68f15bd5f8adf83d044b0c397f4f76f6fb530e7c27df1ce648d49247d
Static task: static1
Behavioral task: behavioral1
Sample: 07ab635c4c27a916bffbe797fec67f5d5a406ec5cc3ba7692df8150436522baf.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 07ab635c4c27a916bffbe797fec67f5d5a406ec5cc3ba7692df8150436522baf.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 07ab635c4c27a916bffbe797fec67f5d5a406ec5cc3ba7692df8150436522baf
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application