General
-
Target
95c28fdcd6de38a871b73ac516b6b180N.exe
-
Size
35KB
-
Sample
240830-z6csqaweqc
-
MD5
95c28fdcd6de38a871b73ac516b6b180
-
SHA1
08d4938afe261a55cdef79434c003c5e153cc1cb
-
SHA256
ad10d162b11a20a7ae33d0d0ddaf6e409a3d7c0be948b6e9b94d9d4ff7826fd7
-
SHA512
de5864e15a8c00d7c557c6f159e7bcbca95b0a701fe4b330f8e16d0b60dbf57e585334f3b9eaea5457b3d8272b8670e843f41ee2fd799fba24824d138026390a
-
SSDEEP
768:qwbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647Dn:qwbYP4nuEApQK4TQbtY2gA9DX+ytBOF
Static task
static1
Behavioral task
behavioral1
Sample
95c28fdcd6de38a871b73ac516b6b180N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
95c28fdcd6de38a871b73ac516b6b180N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
95c28fdcd6de38a871b73ac516b6b180N.exe
-
Size
35KB
-
MD5
95c28fdcd6de38a871b73ac516b6b180
-
SHA1
08d4938afe261a55cdef79434c003c5e153cc1cb
-
SHA256
ad10d162b11a20a7ae33d0d0ddaf6e409a3d7c0be948b6e9b94d9d4ff7826fd7
-
SHA512
de5864e15a8c00d7c557c6f159e7bcbca95b0a701fe4b330f8e16d0b60dbf57e585334f3b9eaea5457b3d8272b8670e843f41ee2fd799fba24824d138026390a
-
SSDEEP
768:qwbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647Dn:qwbYP4nuEApQK4TQbtY2gA9DX+ytBOF
Score10/10-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1