General
-
Target
2d99b2a341e303682a70c24d1982d4731b944b1d5220debb59a25ecad7022a15
-
Size
43KB
-
Sample
240901-zhgrrs1dln
-
MD5
34d333c90a807dc92fafa44a86716ea4
-
SHA1
f6bdc2c67e13ef5a898a71acc43c855b4e18daaa
-
SHA256
2d99b2a341e303682a70c24d1982d4731b944b1d5220debb59a25ecad7022a15
-
SHA512
c0a7bd70f1f45ab58f0d90ec7bb7ba6e0b0ba0158c20a3dd31a59ddb8dcf1370722dabe5dc56d3dcfad0099b0c2ee82b5378e3fdaa88e0da478ec483d070fee6
-
SSDEEP
768:+U9XnKJv8KrtPNxT4oreP7cIK3yQpdk6x8pf9m4P/S0hVvIZiGDZ6RO8nHE8taqr:+U9abrtX4oocIK3yQkaY9z/S0hhy6k8F
Behavioral task
behavioral1
Sample
2d99b2a341e303682a70c24d1982d4731b944b1d5220debb59a25ecad7022a15.exe
Resource
win7-20240729-en
Malware Config
Targets
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder