General
Target: 06bf26202244b7a5780d62017d33b3c501c7589f0d2ef5df48dfd6048e0c1873
Size: 99KB
Sample: 220212-mm5yyabcd6
MD5: 6f74e48362675aca55ebf634893b2dee
SHA1: 54c8aa3c62197d404f5ea9243443fa237933cbdb
SHA256: 06bf26202244b7a5780d62017d33b3c501c7589f0d2ef5df48dfd6048e0c1873
SHA512: 9520cab5233524e18fa5e0c310d7fa4613006caaad943a3d9921272c978c79a7241be8a73542fab3ec1b74439ce98ce2e39f2981545be9fd828589b908732ac6
Static task: static1
Behavioral task: behavioral1
Sample: 06bf26202244b7a5780d62017d33b3c501c7589f0d2ef5df48dfd6048e0c1873.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 06bf26202244b7a5780d62017d33b3c501c7589f0d2ef5df48dfd6048e0c1873.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application