General
-
Target
06e47b6d8063e91018c9ddb586c88603e903fa36cfb455a0a673f54ee75f4299
-
Size
80KB
-
Sample
220212-mkqfgabca7
-
MD5
4b0a580e5a206b99236710055dd6aabe
-
SHA1
95b107f88258e73681ea727fe47459520600ced3
-
SHA256
06e47b6d8063e91018c9ddb586c88603e903fa36cfb455a0a673f54ee75f4299
-
SHA512
4235f38bff308086b1a45675d75f2cc611db488eba2aa1ae4bd3abda7b95942fdbc32c54f145c7e2b9b5eeaa8e9d7a1d642a70455f55a3938223103e2d225a9b
Static task
static1
Behavioral task
behavioral1
Sample
06e47b6d8063e91018c9ddb586c88603e903fa36cfb455a0a673f54ee75f4299.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
06e47b6d8063e91018c9ddb586c88603e903fa36cfb455a0a673f54ee75f4299.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
06e47b6d8063e91018c9ddb586c88603e903fa36cfb455a0a673f54ee75f4299
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application