General
-
Target
06e0f084f57cdf51fd050acd1b204c5077dc11e858d07e1521e9a6ff18727027
-
Size
92KB
-
Sample
220212-mk2hqsbcb4
-
MD5
5aaecc6db7d45f4d736c53f01b520806
-
SHA1
60ca2b9bd6a2412045ac7e3455e3e4d17abb1aac
-
SHA256
06e0f084f57cdf51fd050acd1b204c5077dc11e858d07e1521e9a6ff18727027
-
SHA512
f233356be210cdffcc8a63e98b5ac2afca320a88615b4195b169a59e076c23037fcc675002d35b09db2193e1d03c99d9452d5ceadf7a93de32acafe74ae9c4b0
Static task
static1
Behavioral task
behavioral1
Sample
06e0f084f57cdf51fd050acd1b204c5077dc11e858d07e1521e9a6ff18727027.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
06e0f084f57cdf51fd050acd1b204c5077dc11e858d07e1521e9a6ff18727027.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
06e0f084f57cdf51fd050acd1b204c5077dc11e858d07e1521e9a6ff18727027
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-