General
-
Target
ad2d07fbc32c1f2a5aedbfc6e08ad45f2bd706a640974036b13e375794d0a612N
-
Size
35KB
-
Sample
241031-nt9q5sxhpm
-
MD5
9248ec73f530a563287d45355ab716b0
-
SHA1
90caa3a5a62219e3eaa6be7939578760db85cef2
-
SHA256
ad2d07fbc32c1f2a5aedbfc6e08ad45f2bd706a640974036b13e375794d0a612
-
SHA512
d143785958e551bd3bfdaaaedfa0aa3c01d8ddc8fedbc728af7d9c1685bb8c5373e2749c6d3e219ab321366c82ab3edb525c9922968d8f13b54e5ba7ce1da000
-
SSDEEP
768:9wbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv26u7DC:9wbYP4nuEApQK4TQbtY2gA9DX+ytBOi
Static task
static1
Behavioral task
behavioral1
Sample
ad2d07fbc32c1f2a5aedbfc6e08ad45f2bd706a640974036b13e375794d0a612N.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
ad2d07fbc32c1f2a5aedbfc6e08ad45f2bd706a640974036b13e375794d0a612N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
ad2d07fbc32c1f2a5aedbfc6e08ad45f2bd706a640974036b13e375794d0a612N
-
Score
10/10
-
Sakula family
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder