General
-
Target
32655448b352dd6049b9cd78072b68deea9eb684791b887b165022b85a8c22d2
-
Size
283KB
-
Sample
241027-1gxx2a1jaq
-
MD5
eb87f6edca2b22d34db2ec7f2a44fda3
-
SHA1
b78bee0c3e859c5d13c22d0a005a47279f904eb4
-
SHA256
32655448b352dd6049b9cd78072b68deea9eb684791b887b165022b85a8c22d2
-
SHA512
05a71914c1d9e973de2fa1c49d14ac0176a0c04db630b51209948683063bed359ebf72abfb61bba9cda6b6d7a3aee0bc379f9d9f05dfc29247826163ce5b0549
-
SSDEEP
1536:NU9abrtX4oocIK3yQkaY9z/S0hhnDiKKJqTnouy8HeBsCXKTnhxJ8:Nm2rocIyhYtJxKJqrout+BsZhE
Behavioral task
behavioral1
Sample
32655448b352dd6049b9cd78072b68deea9eb684791b887b165022b85a8c22d2.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
32655448b352dd6049b9cd78072b68deea9eb684791b887b165022b85a8c22d2
-
Size
283KB
-
MD5
eb87f6edca2b22d34db2ec7f2a44fda3
-
SHA1
b78bee0c3e859c5d13c22d0a005a47279f904eb4
-
SHA256
32655448b352dd6049b9cd78072b68deea9eb684791b887b165022b85a8c22d2
-
SHA512
05a71914c1d9e973de2fa1c49d14ac0176a0c04db630b51209948683063bed359ebf72abfb61bba9cda6b6d7a3aee0bc379f9d9f05dfc29247826163ce5b0549
-
SSDEEP
1536:NU9abrtX4oocIK3yQkaY9z/S0hhnDiKKJqTnouy8HeBsCXKTnhxJ8:Nm2rocIyhYtJxKJqrout+BsZhE
-
Sakula family
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1