General
Target
0390f577ed1842a4024f31615cf9eb460fa595df2f6d681c6ea695a74d7b8b15
Size
80KB
Sample
220212-nv62msdehp
MD5
dbe327f607639ca58f23a11850e37a6e
SHA1
848f31ec24cbdd273bf7050a0b0c66c3ef749506
SHA256
0390f577ed1842a4024f31615cf9eb460fa595df2f6d681c6ea695a74d7b8b15
SHA512
ae0cdd603e7c4cc77261db25ad1af9d47dbadb33943fc7685cbd6cf428846ba3c269bc0648ac6e6c53f90338fcdbb0daf0d3a0e52ec8dbbdfb37eae82b3ba93b
Static task
static1
Behavioral task
behavioral1
Sample
0390f577ed1842a4024f31615cf9eb460fa595df2f6d681c6ea695a74d7b8b15.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0390f577ed1842a4024f31615cf9eb460fa595df2f6d681c6ea695a74d7b8b15.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
0390f577ed1842a4024f31615cf9eb460fa595df2f6d681c6ea695a74d7b8b15
Score
10/10
Sakula Payload
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application