General
Target: fa685918b7320ca926400a3bc190bc49
Size: 191KB
Sample: 231220-v8236shfgp
MD5: fa685918b7320ca926400a3bc190bc49
SHA1: d4aa058377deb43d54e7213c60882db4b7447dcf
SHA256: 58eb20bc2754f2f80ef27a7d205d694fa6aca669c60047b9f513cafa09d60f96
SHA512: e864e24b556d01719d8e88011f9d89961429f5171e60616aa1f07d975b86329e9edf404bd442a9c779c6278751dd65be791c911431bf6635d380970a55ff8297
SSDEEP: 1536:2oaj1hJL1S9t0MIeboal8bCKxo7h0RP0jwHVz30rtroZeBsCXKTn8:h0hpgz6xGhTjwHN30BE8BsZ8
Behavioral task: behavioral1
Sample: fa685918b7320ca926400a3bc190bc49.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: fa685918b7320ca926400a3bc190bc49.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: fa685918b7320ca926400a3bc190bc49
Score: 10/10
Sakula payload
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application