General
-
Target
05ea94bfcd2a9b7928e4b204eff2fe702429bfd9da699ec6adc9782e03048fea
-
Size
80KB
-
Sample
220212-myx3gabdf8
-
MD5
3ce1e3223e564ff87d13b0b0dc031311
-
SHA1
d3c1d16aab63d0589d494a9faa6dbcb3a3348ce9
-
SHA256
05ea94bfcd2a9b7928e4b204eff2fe702429bfd9da699ec6adc9782e03048fea
-
SHA512
92e05f03f67d59c873f042eb8ea296d49ceee42a0e778f40fe2cb17150c9d6aeb7a054469d7aa145d01656d647731d8570df3f48b84a6081e6f458d9ab4f8e60
Static task
static1
Behavioral task
behavioral1
Sample
05ea94bfcd2a9b7928e4b204eff2fe702429bfd9da699ec6adc9782e03048fea.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
05ea94bfcd2a9b7928e4b204eff2fe702429bfd9da699ec6adc9782e03048fea.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
05ea94bfcd2a9b7928e4b204eff2fe702429bfd9da699ec6adc9782e03048fea
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-