General
-
Target
072bb757e3e58a56311f70134c09bbd4792e36578c5f98b74e5bfe0f31245526
-
Size
99KB
-
Sample
220212-mg8smsbbf4
-
MD5
0401c40c363d348c55d2f885834e0912
-
SHA1
c54f21051d41cdcac203101b026d26386cbf71d1
-
SHA256
072bb757e3e58a56311f70134c09bbd4792e36578c5f98b74e5bfe0f31245526
-
SHA512
60a995717a3a0a6c49370d540392e6e345f282295f8d101ba95ad4aa036b9fd6d90a1aea54ea8cb358d52e79a42cd292bf519c3b829395beb9011836f6939808
Static task
static1
Behavioral task
behavioral1
Sample
072bb757e3e58a56311f70134c09bbd4792e36578c5f98b74e5bfe0f31245526.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
072bb757e3e58a56311f70134c09bbd4792e36578c5f98b74e5bfe0f31245526.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
072bb757e3e58a56311f70134c09bbd4792e36578c5f98b74e5bfe0f31245526
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-