General
-
Target
073bb0f459f4e64c71df356685829db5f3e04e49f990df673b1e7d8b3912f176
-
Size
89KB
-
Sample
220212-mgb4nsbbd8
-
MD5
16bb4ed5071e0b00c333063e528add05
-
SHA1
112ab330c61bea4d7131f92c61adf11cfb41804b
-
SHA256
073bb0f459f4e64c71df356685829db5f3e04e49f990df673b1e7d8b3912f176
-
SHA512
1b9d16509776d4366723ff53ebb7f2ab9c1be8e0867b2c2ea5adadb0ae7cda9617234df98205cf937a5926aacc758353ebace701a1d99a8842d9e513645eab92
Static task
static1
Behavioral task
behavioral1
Sample
073bb0f459f4e64c71df356685829db5f3e04e49f990df673b1e7d8b3912f176.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
073bb0f459f4e64c71df356685829db5f3e04e49f990df673b1e7d8b3912f176.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
073bb0f459f4e64c71df356685829db5f3e04e49f990df673b1e7d8b3912f176
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-