General
-
Target
4858e8aad76bba91287a23b5feb3ee9a50008e3078e5ee64987947904891f846N
-
Size
43KB
-
Sample
241018-q821yssgqk
-
MD5
eaa8db06efe9caa472aa3fb3e16b5da0
-
SHA1
8e758f45bcef0b8d52e1afbc934d4d4cb9cdc5f4
-
SHA256
4858e8aad76bba91287a23b5feb3ee9a50008e3078e5ee64987947904891f846
-
SHA512
d41658dc38138378c51d966ebf64b493da5ca04700ab1bfe6b28882a9026af6ade91f2717731bdfc213b2b3e9defcdc82f401bf8b0cecd049e9b22a72a6a5328
-
SSDEEP
768:+U9XnKJv8KrtPNxT4oreP7cIK3yQpdk6x8pf9m4P/S0hVvIZiGDZ6RO8nHE8taqf:+U9abrtX4oocIK3yQkaY9z/S0hhy6k8x
Behavioral task
behavioral1
Sample
4858e8aad76bba91287a23b5feb3ee9a50008e3078e5ee64987947904891f846N.exe
Resource
win7-20240708-en
Malware Config
Targets
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder