General
-
Target
NEAS.8d1096f76b66e1352d58391055179aba_JC.exe
-
Size
35KB
-
Sample
231010-xhdzrsfh3s
-
MD5
8d1096f76b66e1352d58391055179aba
-
SHA1
e4910b9dbcf8d83c7b2eb240459d534fc863f50d
-
SHA256
54650fd66e1b87bec4d69845eb400a74cf05dbc8756501355716e6fcab101a4b
-
SHA512
f91882539fe779ad78bfe8ee1bb209bd06c47453f4fe49f9028df8b0e6864307a875ba6ebf2c924c44ccfac4f168b4998effedd0f7124628239c6b676de25bd1
-
SSDEEP
768:TwbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647DN:TwbYP4nuEApQK4TQbtY2gA9DX+ytBO7
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.8d1096f76b66e1352d58391055179aba_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.8d1096f76b66e1352d58391055179aba_JC.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
NEAS.8d1096f76b66e1352d58391055179aba_JC.exe
-
Size
35KB
-
MD5
8d1096f76b66e1352d58391055179aba
-
SHA1
e4910b9dbcf8d83c7b2eb240459d534fc863f50d
-
SHA256
54650fd66e1b87bec4d69845eb400a74cf05dbc8756501355716e6fcab101a4b
-
SHA512
f91882539fe779ad78bfe8ee1bb209bd06c47453f4fe49f9028df8b0e6864307a875ba6ebf2c924c44ccfac4f168b4998effedd0f7124628239c6b676de25bd1
-
SSDEEP
768:TwbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647DN:TwbYP4nuEApQK4TQbtY2gA9DX+ytBO7
Score10/10-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-