General
-
Target
NEAS.8f42e1693846cc01e1f85c0174114f30.exe
-
Size
100KB
-
Sample
231107-b4waaahf21
-
MD5
8f42e1693846cc01e1f85c0174114f30
-
SHA1
e0863599d991c7b16b77eb1c604018ca5dc875fb
-
SHA256
07fe46f6d97a8ea77ad9c0c64391dd73a67536e27e48d619ba9d987c79487e29
-
SHA512
c307a36d4833739d1032a3e94341cdebba9ffed623837d6e5d0401ee093a7fd89d02994d425d11ca504b19f1e828b3d3db0233f4f8bb863d93a504ef8898d2f1
-
SSDEEP
1536:Loaj1hJL1S9t0MIeboal8bCKxo7h0RPaaml0Nz30rtrsxL:c0hpgz6xGhZamyF30BoxL
Behavioral task
behavioral1
Sample
NEAS.8f42e1693846cc01e1f85c0174114f30.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.8f42e1693846cc01e1f85c0174114f30.exe
Resource
win10v2004-20231023-en
Malware Config
Targets
-
-
Target
NEAS.8f42e1693846cc01e1f85c0174114f30.exe
-
Size
100KB
-
MD5
8f42e1693846cc01e1f85c0174114f30
-
SHA1
e0863599d991c7b16b77eb1c604018ca5dc875fb
-
SHA256
07fe46f6d97a8ea77ad9c0c64391dd73a67536e27e48d619ba9d987c79487e29
-
SHA512
c307a36d4833739d1032a3e94341cdebba9ffed623837d6e5d0401ee093a7fd89d02994d425d11ca504b19f1e828b3d3db0233f4f8bb863d93a504ef8898d2f1
-
SSDEEP
1536:Loaj1hJL1S9t0MIeboal8bCKxo7h0RPaaml0Nz30rtrsxL:c0hpgz6xGhZamyF30BoxL
Score10/10-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-