General
Target: 859688c36fe52eea9dc010b3d8f95434
Size: 4.0MB
Sample: 231219-x98y8afgh4
MD5: 859688c36fe52eea9dc010b3d8f95434
SHA1: 8a4f9775b367b95a4dcb5a8167b3e11ce35cc771
SHA256: 4abf740c48f45def0f1edb3e436d6ffba7ed2365f2dabec48a45d00e96b86c6a
SHA512: 4b536dfe5b2aad71a21c310d6dc719d1d84f244fe053fbf40a24d38023fd0682ab04596b746e1fae2025c868c6ea4a11a62c92f8781777abe96f795c9123d9d0
SSDEEP: 24576:DF9mrnE2Z1y/6oTNBZrBEu8C7jnIQCwRO/wTGS5DBMY2:DD2Z1qT3Zz888QCwRO/wT/aY2
Behavioral task: behavioral1
Sample: 859688c36fe52eea9dc010b3d8f95434.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 859688c36fe52eea9dc010b3d8f95434.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Score: 10/10
Sakula payload
Checks computer location settings: looks up country code configured in the registry, likely geofence.
Deletes itself
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application