General
-
Target
4b2088fe48f8324b7fbcbf01a23d3ab365b922d1097d08e2f6a0784be34b8f43
-
Size
1.2MB
-
Sample
240831-pwzvdstflc
-
MD5
5febfc61f0679c0764d45326bc4944f0
-
SHA1
e4639f3c5c9978e167aa54ed7db00f8b37bde2bc
-
SHA256
4b2088fe48f8324b7fbcbf01a23d3ab365b922d1097d08e2f6a0784be34b8f43
-
SHA512
f0949f82ae9af42bb2451615acc2278e55b0cb07461943aaf925a0b6cee19c0ff164185a680c11c36a17cdf43e4fa3a09eb64b0ce245d130734bf2bc9b7636b2
-
SSDEEP
24576:FNMAURFozuoZUFY6sRv4qD8+yDx9IZ2QuC9j4Jpb5aqtgow:FNMAURFosFY6Sv4D9Q5qJpLw
Behavioral task
behavioral1
Sample
00803b2a9624ab755ca403c3abbf03d7dc3ac396a7c3fbcfb7471d7281cdf9d0.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
00803b2a9624ab755ca403c3abbf03d7dc3ac396a7c3fbcfb7471d7281cdf9d0.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
00803b2a9624ab755ca403c3abbf03d7dc3ac396a7c3fbcfb7471d7281cdf9d0
-
Size
4.0MB
-
MD5
a9035c52848767458693dbff0b0039f2
-
SHA1
d95b563c788e34ce885299115fb0caaa1346388d
-
SHA256
00803b2a9624ab755ca403c3abbf03d7dc3ac396a7c3fbcfb7471d7281cdf9d0
-
SHA512
dca3db6af52e2c4219587f70b6cb6cccd9df4ec7b75618e0c1365b4ea745e67b334b8fda8ea74ea4dade53ba89211f660720e1b2b811f1aa2ac4a10d658135d0
-
SSDEEP
24576:DF9mrnE2Z1y/6oTNBZrBEu8C7jnIQCwRO/wTGS5DBMY4:DD2Z1qT3Zz888QCwRO/wT/aY4
Score10/10-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1