General
-
Target
0690574b35562c81c626aeff4fe47e29c3f9f405e982c868c96b3d60caea4d82
-
Size
80KB
-
Sample
220212-mp3llachhm
-
MD5
8d63c936f26761b2e67ae02d7b8fac8f
-
SHA1
d8a77e0b6c4c2d1608ff151d95f2f9d7a0f1bb90
-
SHA256
0690574b35562c81c626aeff4fe47e29c3f9f405e982c868c96b3d60caea4d82
-
SHA512
882e2ecbfc71d7ae7183488b58985523b37b423bb478ea91b41a08822c98598326611981c8084b2fd95f923eb086c779ca2edad339a151ca9faa43b78aba9862
Static task
static1
Behavioral task
behavioral1
Sample
0690574b35562c81c626aeff4fe47e29c3f9f405e982c868c96b3d60caea4d82.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0690574b35562c81c626aeff4fe47e29c3f9f405e982c868c96b3d60caea4d82.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
0690574b35562c81c626aeff4fe47e29c3f9f405e982c868c96b3d60caea4d82
-
Size
80KB
-
MD5
8d63c936f26761b2e67ae02d7b8fac8f
-
SHA1
d8a77e0b6c4c2d1608ff151d95f2f9d7a0f1bb90
-
SHA256
0690574b35562c81c626aeff4fe47e29c3f9f405e982c868c96b3d60caea4d82
-
SHA512
882e2ecbfc71d7ae7183488b58985523b37b423bb478ea91b41a08822c98598326611981c8084b2fd95f923eb086c779ca2edad339a151ca9faa43b78aba9862
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-