General
Target: 049f773c70a9145e4b3e358578a9e703b26ce46a582cc89f814902fe77532840
Size: 99KB
Sample: 220212-nfv1tsbfg2
MD5: f32cf7eb214b51d9ddd8b5898501c479
SHA1: 8caf0b0f0f263cf92073fd52a6e93d23f0160859
SHA256: 049f773c70a9145e4b3e358578a9e703b26ce46a582cc89f814902fe77532840
SHA512: f5f4888d304af26df9ba570ce23119419ff23374171b9be8cf811bcd3936a461d5d01826c7d871899b80ef0acafd3adb8f82e22c22884c9a1a02d5cd21138e97
Static task: static1
Behavioral task: behavioral1
Sample: 049f773c70a9145e4b3e358578a9e703b26ce46a582cc89f814902fe77532840.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 049f773c70a9145e4b3e358578a9e703b26ce46a582cc89f814902fe77532840.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application