General
-
Target
0286e7e74d7c0582c8598a1362b8ac28c405df15d13ba884aff1ee4ea9adbfc7
-
Size
176KB
-
Sample
220212-n8v7ascaf9
-
MD5
a51367d956722fc111b5ed10b25525b1
-
SHA1
19c08a35442046b8e8d5bb7d79d17715002a1455
-
SHA256
0286e7e74d7c0582c8598a1362b8ac28c405df15d13ba884aff1ee4ea9adbfc7
-
SHA512
a8144c3d4f10a4257f86014134165ac075c6d9015507ad05636a538996f086fdcac251249697a5a057fdd51ef093cd187de69df8b219b5dfd94ff2b82ff36f99
Static task
static1
Behavioral task
behavioral1
Sample
0286e7e74d7c0582c8598a1362b8ac28c405df15d13ba884aff1ee4ea9adbfc7.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0286e7e74d7c0582c8598a1362b8ac28c405df15d13ba884aff1ee4ea9adbfc7.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
0286e7e74d7c0582c8598a1362b8ac28c405df15d13ba884aff1ee4ea9adbfc7
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-