General
-
Target
6fe2c06c0462bfa83e429a2aa7597600N.exe
-
Size
43KB
-
Sample
240905-zay13szbpg
-
MD5
6fe2c06c0462bfa83e429a2aa7597600
-
SHA1
a010897d702bf618d3b4e90a632b45a55e2c4738
-
SHA256
c5b21c9e0906dac68c7b35764ab7204691758d9f5ed5cc22f4a59655cf73535a
-
SHA512
0b17cec68f2ffc717ecd72a3d22dd0ecd29ceae80531db4473b5f809eacfec1412cc18d0cf9e721cfe70cb421b61bbd52c9e8a5460c4baa6a88980c82a191da2
-
SSDEEP
768:+U9XnKJv8KrtPNxT4oreP7cIK3yQpdk6x8pf9m4P/S0hVvIZiGDZ6RO8nHE8taqX:+U9abrtX4oocIK3yQkaY9z/S0hhy6k8t
Behavioral task
behavioral1
Sample
6fe2c06c0462bfa83e429a2aa7597600N.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1