General
-
Target
932249c923c8f7977c12785238e68d4b2030471fc9edbda0ec326ced3bab755f
-
Size
3.6MB
-
Sample
220224-m9g6dschc7
-
MD5
4e7155bd7afbb888e41128b78413855b
-
SHA1
8387ad1ee24852185eb9dd265987ae39fa0254d0
-
SHA256
932249c923c8f7977c12785238e68d4b2030471fc9edbda0ec326ced3bab755f
-
SHA512
5ea1e3074525018d672ef91a39cdcf949c5a54dd1957a7aca0a7f547418640e93cb4628345fd4cbc373943fc3c708d91c8943f3c505271059c69de80fe6a6a8c
Static task
static1
Behavioral task
behavioral1
Sample
932249c923c8f7977c12785238e68d4b2030471fc9edbda0ec326ced3bab755f.exe
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
932249c923c8f7977c12785238e68d4b2030471fc9edbda0ec326ced3bab755f.exe
Resource
win10-20220223-en
Behavioral task
behavioral3
Sample
932249c923c8f7977c12785238e68d4b2030471fc9edbda0ec326ced3bab755f.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
932249c923c8f7977c12785238e68d4b2030471fc9edbda0ec326ced3bab755f
Score
10/10
-
Sakula Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-