General
-
Target
c2264f2d6a6e0108caa212d4c3c786f6d77ac907b02abf1ccf9d74f9439890f4
-
Size
60KB
-
Sample
221018-csmdnsecfn
-
MD5
cfb618ea09382a4e7a68c3dd6a4732b3
-
SHA1
9156cb63276c50d24fa11f4dc6c2c65c01db2bb9
-
SHA256
c2264f2d6a6e0108caa212d4c3c786f6d77ac907b02abf1ccf9d74f9439890f4
-
SHA512
ff373843fe5d698316076cde9a087216ac62aefda35408a998ee407e0d9813d6a8b2025788cdfe6e3e7d3dc07a433afe7e8eb6140c0923292d3aaaa30f303f5e
-
SSDEEP
1536:iZioIoCwbYP4nuEApQK4TQbtY2gA9DX+ytBO8c3G3eTJ/X:iEoIlwIguEA4c5DgA9DOyq0eFP
Static task
static1
Behavioral task
behavioral1
Sample
c2264f2d6a6e0108caa212d4c3c786f6d77ac907b02abf1ccf9d74f9439890f4.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c2264f2d6a6e0108caa212d4c3c786f6d77ac907b02abf1ccf9d74f9439890f4.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
c2264f2d6a6e0108caa212d4c3c786f6d77ac907b02abf1ccf9d74f9439890f4
-
Size
60KB
-
MD5
cfb618ea09382a4e7a68c3dd6a4732b3
-
SHA1
9156cb63276c50d24fa11f4dc6c2c65c01db2bb9
-
SHA256
c2264f2d6a6e0108caa212d4c3c786f6d77ac907b02abf1ccf9d74f9439890f4
-
SHA512
ff373843fe5d698316076cde9a087216ac62aefda35408a998ee407e0d9813d6a8b2025788cdfe6e3e7d3dc07a433afe7e8eb6140c0923292d3aaaa30f303f5e
-
SSDEEP
1536:iZioIoCwbYP4nuEApQK4TQbtY2gA9DX+ytBO8c3G3eTJ/X:iEoIlwIguEA4c5DgA9DOyq0eFP
Score10/10-
Sakula payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-