General
-
Target
NEAS.346e98405290305ebf3f95411b795380_JC.exe
-
Size
99KB
-
Sample
231028-e5t1dsfc37
-
MD5
346e98405290305ebf3f95411b795380
-
SHA1
6a5d16e22d35a2b74deac2c5b482980984f41031
-
SHA256
67c9ac0c939e0183fad7dec8e8ad2058139c8ee41ad684888234e4437b65c27d
-
SHA512
b62446c6e89da0f300c461c9aabdfe1a5052f5a01c1b3fba760384a1525d495a1788336ef95ecfabe60c94e90f872fae55bb0c4c4661d60b1e962446c5189c24
-
SSDEEP
1536:Loaj1hJL1S9t0MIeboal8bCKxo7h0RPaaml0Nz30rtrdxW:c0hpgz6xGhZamyF30BBxW
Behavioral task
behavioral1
Sample
NEAS.346e98405290305ebf3f95411b795380_JC.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.346e98405290305ebf3f95411b795380_JC.exe
Resource
win10v2004-20231023-en
Malware Config
Targets
-
-
Target
NEAS.346e98405290305ebf3f95411b795380_JC.exe
-
Size
99KB
-
MD5
346e98405290305ebf3f95411b795380
-
SHA1
6a5d16e22d35a2b74deac2c5b482980984f41031
-
SHA256
67c9ac0c939e0183fad7dec8e8ad2058139c8ee41ad684888234e4437b65c27d
-
SHA512
b62446c6e89da0f300c461c9aabdfe1a5052f5a01c1b3fba760384a1525d495a1788336ef95ecfabe60c94e90f872fae55bb0c4c4661d60b1e962446c5189c24
-
SSDEEP
1536:Loaj1hJL1S9t0MIeboal8bCKxo7h0RPaaml0Nz30rtrdxW:c0hpgz6xGhZamyF30BBxW
Score10/10-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-