General
-
Target
024734eb14c35db59e383abc90f731e5b65f40330df5ca183fcb71d8d2295ffe
-
Size
192KB
-
Sample
220212-pc7qwscbb6
-
MD5
5b9a62e76d2f1a2aa045e1f1bfeff6ee
-
SHA1
ca612225ab4cef516e4c6862955b06ae2643965f
-
SHA256
024734eb14c35db59e383abc90f731e5b65f40330df5ca183fcb71d8d2295ffe
-
SHA512
38ab8caaee8eed73297b2b6575258c276d3f3dde172babe95fb8f931e56437fe0ef3db43c6f0fea07debdd56a1af4b7ab2af01e323a43a61178e762e090e9a98
Static task
static1
Behavioral task
behavioral1
Sample
024734eb14c35db59e383abc90f731e5b65f40330df5ca183fcb71d8d2295ffe.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
024734eb14c35db59e383abc90f731e5b65f40330df5ca183fcb71d8d2295ffe.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
024734eb14c35db59e383abc90f731e5b65f40330df5ca183fcb71d8d2295ffe
-
Size
192KB
-
MD5
5b9a62e76d2f1a2aa045e1f1bfeff6ee
-
SHA1
ca612225ab4cef516e4c6862955b06ae2643965f
-
SHA256
024734eb14c35db59e383abc90f731e5b65f40330df5ca183fcb71d8d2295ffe
-
SHA512
38ab8caaee8eed73297b2b6575258c276d3f3dde172babe95fb8f931e56437fe0ef3db43c6f0fea07debdd56a1af4b7ab2af01e323a43a61178e762e090e9a98
Score10/10-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-