General
Target: 041ef5263504ab8fbb972529b2f7c861bb04175c9aa7b9cbb2a7c8a2c672de60
Size: 101KB
Sample: 220212-nn1ahsbge4
MD5: c4a0411e035d4e538e295b19af6554c7
SHA1: 0727a1eabe9b6f782b69dd8ae15929208c81f50c
SHA256: 041ef5263504ab8fbb972529b2f7c861bb04175c9aa7b9cbb2a7c8a2c672de60
SHA512: 5fc58033b82e1551a36d547c27d258fea8ffafcbae24a969ef074e3b20df18bb7f3ac4092b89fc1f253acf686b02464c356223631069af02bba74f15e8a25dd7
Static task: static1
Behavioral task: behavioral1
Sample: 041ef5263504ab8fbb972529b2f7c861bb04175c9aa7b9cbb2a7c8a2c672de60.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 041ef5263504ab8fbb972529b2f7c861bb04175c9aa7b9cbb2a7c8a2c672de60.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Score: 10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application