General
-
Target
001480f89bbc4009bb1aed1fef8717feb9fecc5c77dce4afbed1370e9672a802
-
Size
152KB
-
Sample
220212-p4vkmsceb3
-
MD5
bcd9d12c0681b0bde74a34166015daaf
-
SHA1
a40c5729bca4a498edca73d8613d4a6e42e0911a
-
SHA256
001480f89bbc4009bb1aed1fef8717feb9fecc5c77dce4afbed1370e9672a802
-
SHA512
abf7e44965475680f93de9ecd628f2502e2d654c2aa722303090a674197fd3a22c42d9c5796c0ad3db574302df84f68c26cf156c65d45318343448c3af5e3e0d
Static task
static1
Behavioral task
behavioral1
Sample
001480f89bbc4009bb1aed1fef8717feb9fecc5c77dce4afbed1370e9672a802.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
001480f89bbc4009bb1aed1fef8717feb9fecc5c77dce4afbed1370e9672a802.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
001480f89bbc4009bb1aed1fef8717feb9fecc5c77dce4afbed1370e9672a802
-
Size
152KB
-
MD5
bcd9d12c0681b0bde74a34166015daaf
-
SHA1
a40c5729bca4a498edca73d8613d4a6e42e0911a
-
SHA256
001480f89bbc4009bb1aed1fef8717feb9fecc5c77dce4afbed1370e9672a802
-
SHA512
abf7e44965475680f93de9ecd628f2502e2d654c2aa722303090a674197fd3a22c42d9c5796c0ad3db574302df84f68c26cf156c65d45318343448c3af5e3e0d
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-