General
-
Target
b04ebbf7600432ec350fb3a11cb9ee849d0e2a2d305131a5cfc2b5d299c00767
-
Size
320KB
-
Sample
220224-m81w4sebej
-
MD5
eac5e6914604ece9a851facad5059faf
-
SHA1
0db5d0b0b1b1fbd1c12b80bedad2dd7bce07ac67
-
SHA256
b04ebbf7600432ec350fb3a11cb9ee849d0e2a2d305131a5cfc2b5d299c00767
-
SHA512
b519e44d214585e78890b6a9a35c407a8030c503f83a159a3ff2806d416d2e40a4c3fac31dd8d1ef7ffd3f1c37b30937a3c6da93ef4869ea481da8779387a9bc
Static task
static1
Behavioral task
behavioral1
Sample
b04ebbf7600432ec350fb3a11cb9ee849d0e2a2d305131a5cfc2b5d299c00767.exe
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
b04ebbf7600432ec350fb3a11cb9ee849d0e2a2d305131a5cfc2b5d299c00767.exe
Resource
win10-20220223-en
Behavioral task
behavioral3
Sample
b04ebbf7600432ec350fb3a11cb9ee849d0e2a2d305131a5cfc2b5d299c00767.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
b04ebbf7600432ec350fb3a11cb9ee849d0e2a2d305131a5cfc2b5d299c00767
Score
10/10
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application