General
-
Target
04a2e3b5d9f94300d1cc791649fa3d903edef79b7efe0207ade15755a91dfe2c
-
Size
216KB
-
Sample
220212-nflr6abff8
-
MD5
6cb110e70e3a7d6d2d69a9bf829d24dd
-
SHA1
4552f20f64f73da4d51597950611b4c72dcf8716
-
SHA256
04a2e3b5d9f94300d1cc791649fa3d903edef79b7efe0207ade15755a91dfe2c
-
SHA512
3e4fb9a9c5729e23aceefca097a53824dbdffb9a3bc7ea0a6c4f444d7156257f3f1615a61b0bc47ab7d8e20b48a4ccb4fb9bd6db508d735f55fd9a1aa657743d
Static task
static1
Behavioral task
behavioral1
Sample
04a2e3b5d9f94300d1cc791649fa3d903edef79b7efe0207ade15755a91dfe2c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
04a2e3b5d9f94300d1cc791649fa3d903edef79b7efe0207ade15755a91dfe2c.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
04a2e3b5d9f94300d1cc791649fa3d903edef79b7efe0207ade15755a91dfe2c
-
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-