General
Target: 05d937ee6b04d9c64e2ba0abe440b5e888e1b70fc8bf4a0518f896d08aa6a6d2
Size: 192KB
Sample: 220212-mzy16abdh3
MD5: 0a14b6a5b5bef15d7418404c5a3f8ca2
SHA1: df74b88e00e15d3863c45ddc309e224d93fcdb04
SHA256: 05d937ee6b04d9c64e2ba0abe440b5e888e1b70fc8bf4a0518f896d08aa6a6d2
SHA512: 062fae83a3c26e92b60700de310544d125caa9377cb4b140d09c963c413d69875ca7dc1fc17973a444f073f20c8b7e74d3764cb79c75b78239f28ffc4ed9079a
Static task
static1
Behavioral task
behavioral1
Sample
05d937ee6b04d9c64e2ba0abe440b5e888e1b70fc8bf4a0518f896d08aa6a6d2.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
05d937ee6b04d9c64e2ba0abe440b5e888e1b70fc8bf4a0518f896d08aa6a6d2.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
05d937ee6b04d9c64e2ba0abe440b5e888e1b70fc8bf4a0518f896d08aa6a6d2
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application