General
-
Target
NEAS.eba4cdc0e44a700cc86432eeefd82f40.exe
-
Size
99KB
-
Sample
231101-rqd2vahb8s
-
MD5
eba4cdc0e44a700cc86432eeefd82f40
-
SHA1
cbb38653fced9ffd4b78daf20ae7be82222322be
-
SHA256
5d9b5be7fb44448822ccf9e020c8f0ad2790f3df5d2f84e8b680b78168350bfe
-
SHA512
371ced12fcae4754e4e0f809b93cc3c2bbdb8168cf7cb936b229d9d39b0185e14cf5270e6893f2d89e1346b00e701e1884419df40f4a82398f3c5513005a6662
-
SSDEEP
1536:Loaj1hJL1S9t0MIeboal8bCKxo7h0RPaaml0Nz30rtrtx7:c0hpgz6xGhZamyF30B5x7
Behavioral task
behavioral1
Sample
NEAS.eba4cdc0e44a700cc86432eeefd82f40.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.eba4cdc0e44a700cc86432eeefd82f40.exe
Resource
win10v2004-20231023-en
Malware Config
Targets
-
-
Target
NEAS.eba4cdc0e44a700cc86432eeefd82f40.exe
-
Size
99KB
-
MD5
eba4cdc0e44a700cc86432eeefd82f40
-
SHA1
cbb38653fced9ffd4b78daf20ae7be82222322be
-
SHA256
5d9b5be7fb44448822ccf9e020c8f0ad2790f3df5d2f84e8b680b78168350bfe
-
SHA512
371ced12fcae4754e4e0f809b93cc3c2bbdb8168cf7cb936b229d9d39b0185e14cf5270e6893f2d89e1346b00e701e1884419df40f4a82398f3c5513005a6662
-
SSDEEP
1536:Loaj1hJL1S9t0MIeboal8bCKxo7h0RPaaml0Nz30rtrtx7:c0hpgz6xGhZamyF30B5x7
Score10/10-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-