General
-
Target
9ac61ae0d44028ab818411e0a7a9479e7a9b48d7989ac1d69874946bbd369469
-
Size
103KB
-
Sample
240416-akk5jaeb3v
-
MD5
964dbcc033f8a68ec51b8ac890c62420
-
SHA1
9fb6447c754ac4ae7736e974494b77cf81ab388a
-
SHA256
9ac61ae0d44028ab818411e0a7a9479e7a9b48d7989ac1d69874946bbd369469
-
SHA512
a40000e894f3dcb352a219fc1b3371e2065d664770f33b4ae08bb3a7c0089b7be4eab3b8427c891f62d33411ebb1f889470beac144140d621e89f63aeeb3c4b3
-
SSDEEP
1536:egaj1hJL1d9t0MIeboal8bCKxo7h0RPSaml0Nz30rtr08q:d0hpzz6xGhpamyF30BA8q
Behavioral task
behavioral1
Sample
9ac61ae0d44028ab818411e0a7a9479e7a9b48d7989ac1d69874946bbd369469.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9ac61ae0d44028ab818411e0a7a9479e7a9b48d7989ac1d69874946bbd369469.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
Target
9ac61ae0d44028ab818411e0a7a9479e7a9b48d7989ac1d69874946bbd369469
-
Score
10/10
-
Sakula payload
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-