General
Target
04cce4ea3ff059b51f1382f1559199ee5fd76ac87add8de34b67e2c258e9b310
Size
216KB
Sample
220212-ndj6jsbfd8
MD5
c9676d9aad72714d64a8b93fe5fe3e9a
SHA1
6d553a2b3bb8ac39bd32b6973106e6651ecc0440
SHA256
04cce4ea3ff059b51f1382f1559199ee5fd76ac87add8de34b67e2c258e9b310
SHA512
2a0be0f57aedfee9a41fd5032e1e45817c9667e9f23ac6b652dd10d9168be34634b69fc8356baeeb4e087dbab32b734b0ceb8242e5a8e7b56ef0d7930b1b0f17
Static task
static1
Behavioral task
behavioral1
Sample
04cce4ea3ff059b51f1382f1559199ee5fd76ac87add8de34b67e2c258e9b310.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
04cce4ea3ff059b51f1382f1559199ee5fd76ac87add8de34b67e2c258e9b310.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
04cce4ea3ff059b51f1382f1559199ee5fd76ac87add8de34b67e2c258e9b310
Score
10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application