General
Target
062114e6ac851f45b277f0f6b6981335b2e73490d48b3e4c1137dbbb9a2a2b93
Size
192KB
Sample
220212-mvl6ssbdb8
MD5
88ffe508793e8d4fc06e5b44260b4089
SHA1
5c51e3f0cbf684076b8a8b0f130c304f09db2bef
SHA256
062114e6ac851f45b277f0f6b6981335b2e73490d48b3e4c1137dbbb9a2a2b93
SHA512
8b108bee07828b344ce4d69c2d9c6dcf9c8fe21db8ce6f5cb7276b9efd0e64de8e75b07268f7bb18a749e3b5ef9395f8672ff3a8fd0b36c01cad7396da2a3dd0
Static task
static1
Behavioral task
behavioral1
Sample
062114e6ac851f45b277f0f6b6981335b2e73490d48b3e4c1137dbbb9a2a2b93.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
062114e6ac851f45b277f0f6b6981335b2e73490d48b3e4c1137dbbb9a2a2b93.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
062114e6ac851f45b277f0f6b6981335b2e73490d48b3e4c1137dbbb9a2a2b93
Score
10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application