General
-
Target
0740ec77561fb77d204cd46b4edf1c70N.exe
-
Size
92KB
-
Sample
240827-as1j7atbrh
-
MD5
0740ec77561fb77d204cd46b4edf1c70
-
SHA1
e8f4b37515e9c9af1faa81a9e67220930702128b
-
SHA256
8ab78b1aca7c5cb151ab984137fe8a1504f9a29a05597d0f83cd5e032c872e84
-
SHA512
cb5f8b83f3b2f3312361badda287597344498dae6a0f15f02e6f5c8cc337e715f31c101160a8ee8c0ad05acec4a1c22b6b045d014225c440c483d1e7d1fdbb6f
-
SSDEEP
1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtrv:9bfVk29te2jqxCEtg30BD
Behavioral task
behavioral1
Sample
0740ec77561fb77d204cd46b4edf1c70N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
0740ec77561fb77d204cd46b4edf1c70N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
sakula
www.savmpet.com
Targets
-
Target
0740ec77561fb77d204cd46b4edf1c70N.exe
Score
10/10
-
Sakula payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder