General
-
Target
b22159318412b6e0ed004b2bb69d57bb
-
Size
4.5MB
-
Sample
231220-phlevacbd5
-
MD5
b22159318412b6e0ed004b2bb69d57bb
-
SHA1
48f2b5265b83a71541e4a0cb23c796a81dc11856
-
SHA256
d478e209178aa7b10018e4b0307e48566f1851b9934e13387516f39fe179b9ab
-
SHA512
6193ab544bf773da09741d604133590c2964b2bb27ff2b612a5934b0010fa3dd658a64231ee3e986ae96b9246b58fa9ba71d75bd99d592b9126a1427bbcfac66
-
SSDEEP
24576:0+9mrnE2Zjll/6b8h3UZrgEu8CkBW+M3nXvIMfhlG144EE/f5DBMY1:0Y2ZjlkWEZw8Jk+EXvIMfP4FRaY1
Behavioral task
behavioral1
Sample
b22159318412b6e0ed004b2bb69d57bb.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
b22159318412b6e0ed004b2bb69d57bb.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
b22159318412b6e0ed004b2bb69d57bb
-
Score
10/10
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-