General
-
Target
6de45d12ecbb43adb995681c0fa32fef9aeeebc3b645105ce9d0d94a9781fdc8.exe
-
Size
44KB
-
Sample
231109-y6gk8sdc7z
-
MD5
d24231c7fd3434c343289eefe8d9e561
-
SHA1
9b554dedf014e6518796d657fae6c9786a6c9a27
-
SHA256
6de45d12ecbb43adb995681c0fa32fef9aeeebc3b645105ce9d0d94a9781fdc8
-
SHA512
071668c29357e18d441d6136b4461bb52337ea65f67381728271445604b9d0bd870b86807157f5f1e1e0d63c7ff33fe61608957828459290d8e6836bc7d8529c
-
SSDEEP
768:GhSksandb4GgyMsw4hyYtoVxYMcm1oUt1vnhBl:GTsGpjhyYtkYMRyUFb
Static task
static1
Behavioral task
behavioral1
Sample
6de45d12ecbb43adb995681c0fa32fef9aeeebc3b645105ce9d0d94a9781fdc8.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
6de45d12ecbb43adb995681c0fa32fef9aeeebc3b645105ce9d0d94a9781fdc8.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
sakula
http://vpn.premrera.com:443/viewpre.asp?cstring=%s&tom=%d&id=%d
http://vpn.premrera.com:443/photo/%s.jpg?id=%d
http://173.254.226.212:443/viewpre.asp?cstring=%s&tom=%d&id=%d
http://173.254.226.212:443/photo/%s.jpg?id=%d
Targets
-
-
Target
6de45d12ecbb43adb995681c0fa32fef9aeeebc3b645105ce9d0d94a9781fdc8.exe
-
Size
44KB
-
MD5
d24231c7fd3434c343289eefe8d9e561
-
SHA1
9b554dedf014e6518796d657fae6c9786a6c9a27
-
SHA256
6de45d12ecbb43adb995681c0fa32fef9aeeebc3b645105ce9d0d94a9781fdc8
-
SHA512
071668c29357e18d441d6136b4461bb52337ea65f67381728271445604b9d0bd870b86807157f5f1e1e0d63c7ff33fe61608957828459290d8e6836bc7d8529c
-
SSDEEP
768:GhSksandb4GgyMsw4hyYtoVxYMcm1oUt1vnhBl:GTsGpjhyYtkYMRyUFb
Score10/10-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-