General
-
Target
916ed90809dbb8952d7b7708cf0e6030724b631fcc3cfadcaa71ae0911b00a93
-
Size
43KB
-
Sample
241123-bkkpfaznbj
-
MD5
cd7c84da461b3c6f561e20facb38aa5e
-
SHA1
e77fbad023499628e3e38ddc96bf98d455576a47
-
SHA256
916ed90809dbb8952d7b7708cf0e6030724b631fcc3cfadcaa71ae0911b00a93
-
SHA512
b75411699fb580633f42cbafac8847e5f858d4e6b4df17598aef542219593d2de2e863c9176aa357f42c58c900a2a96574aa4a7246c7347d0153826d69af5155
-
SSDEEP
768:+U9XnKJv8KrtPNxT4oreP7cIK3yQpdk6x8pf9m4P/S0hVvIZiGDZ6RO8nHE8taq9:+U9abrtX4oocIK3yQkaY9z/S0hhy6k8b
Behavioral task
behavioral1
Sample
916ed90809dbb8952d7b7708cf0e6030724b631fcc3cfadcaa71ae0911b00a93.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
916ed90809dbb8952d7b7708cf0e6030724b631fcc3cfadcaa71ae0911b00a93
-
Size
43KB
-
MD5
cd7c84da461b3c6f561e20facb38aa5e
-
SHA1
e77fbad023499628e3e38ddc96bf98d455576a47
-
SHA256
916ed90809dbb8952d7b7708cf0e6030724b631fcc3cfadcaa71ae0911b00a93
-
SHA512
b75411699fb580633f42cbafac8847e5f858d4e6b4df17598aef542219593d2de2e863c9176aa357f42c58c900a2a96574aa4a7246c7347d0153826d69af5155
-
SSDEEP
768:+U9XnKJv8KrtPNxT4oreP7cIK3yQpdk6x8pf9m4P/S0hVvIZiGDZ6RO8nHE8taq9:+U9abrtX4oocIK3yQkaY9z/S0hhy6k8b
-
Sakula family
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1