General
-
Target
66bff874892ff467378d5c9c8f9c9ef5.zip
-
Size
56KB
-
Sample
240831-ma8jasydlm
-
MD5
02d1b2d388ee6a67ad4087fbe930c92d
-
SHA1
acb8b19041e031ae0dd6536837253c957cb58cdc
-
SHA256
38f639e51e80bb29dc44913411c69f03b953a6aaeed5319f5ad4df18354fd4ba
-
SHA512
cf56bd21eecf9f95409731bf8c03ad09134bb393b27cf33a553d926800331315b8e83e3e13ce52d84ea7adaf1817e2a535d75baf4584203f9cb64a6ac1f48ce8
-
SSDEEP
1536:PPenKXAK/5AxIoGgvjDZRVFscVh2rDytHQAovcC1a:neQgvjNRxwrWtHIHg
Static task
static1
Behavioral task
behavioral1
Sample
b655052323d602b1059c47413f60e908ffdb38edc45bde553f6cd91133cfc1cf.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b655052323d602b1059c47413f60e908ffdb38edc45bde553f6cd91133cfc1cf.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
b655052323d602b1059c47413f60e908ffdb38edc45bde553f6cd91133cfc1cf
-
Size
60KB
-
MD5
66bff874892ff467378d5c9c8f9c9ef5
-
SHA1
7174ad727f8346615b9a7174603a789529c29f56
-
SHA256
b655052323d602b1059c47413f60e908ffdb38edc45bde553f6cd91133cfc1cf
-
SHA512
77efdf47e120751c4a5ea9a93036287da6912574b16dbef10000ff69c736beaef89caedc8ac103ab83b440aef97c00d5a924f0fc6160018cc4d04326ec9fba23
-
SSDEEP
1536:iZioIoCwbYP4nuEApQK4TQbtY2gA9DX+ytBO8c3G3eTJ/T:iEoIlwIguEA4c5DgA9DOyq0eF7
Score10/10-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1