General
-
Target
06cd2e13f8cddb2a3b2bb991831dfce6d06a3791bdea0203c6c24ce187455182
-
Size
101KB
-
Sample
220212-ml26nachem
-
MD5
f50b42908fdb562d67852d0e0dbe553f
-
SHA1
8440ddd99a2fef4323c7db2b88cf3fb904478486
-
SHA256
06cd2e13f8cddb2a3b2bb991831dfce6d06a3791bdea0203c6c24ce187455182
-
SHA512
36348aea57c34b4ecab7aa9046ca96254aada30783a04def829c330829db397e67445dfc8d0f3f37d6830c2837e35ff12abd4a1f6c092f2dcfd5f335376756ef
Static task
static1
Behavioral task
behavioral1
Sample
06cd2e13f8cddb2a3b2bb991831dfce6d06a3791bdea0203c6c24ce187455182.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
06cd2e13f8cddb2a3b2bb991831dfce6d06a3791bdea0203c6c24ce187455182.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
06cd2e13f8cddb2a3b2bb991831dfce6d06a3791bdea0203c6c24ce187455182
-
Size
101KB
-
MD5
f50b42908fdb562d67852d0e0dbe553f
-
SHA1
8440ddd99a2fef4323c7db2b88cf3fb904478486
-
SHA256
06cd2e13f8cddb2a3b2bb991831dfce6d06a3791bdea0203c6c24ce187455182
-
SHA512
36348aea57c34b4ecab7aa9046ca96254aada30783a04def829c330829db397e67445dfc8d0f3f37d6830c2837e35ff12abd4a1f6c092f2dcfd5f335376756ef
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-