General
Target: 5cbcaeb100ac4d68cc8cfba62855226a9240fccb0f686d5fb81b5c6f297bff8c
Size: 43KB
Sample: 241229-23wgrszlft
MD5: a94be21dc0824612ff2a08a72f6ed4e8
SHA1: 704680ffb9aa8687319ca9730901489b94ac01e8
SHA256: 5cbcaeb100ac4d68cc8cfba62855226a9240fccb0f686d5fb81b5c6f297bff8c
SHA512: 4f0ce71122f54e7a14dd8e41f03d2d2ffebce76cd7f34d469be60a97637797d62ee10673b6cd7930472a051288e7be4a5ec20c59fd19c61d6336f5d7e8e60293
SSDEEP: 768:+U9XnKJv8KrtPNxT4oreP7cIK3yQpdk6x8pf9m4P/S0hVvIZiGDZ6RO8nHE8taqd:+U9abrtX4oocIK3yQkaY9z/S0hhy6k8f
Behavioral task: behavioral1
Sample: 5cbcaeb100ac4d68cc8cfba62855226a9240fccb0f686d5fb81b5c6f297bff8c.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: 5cbcaeb100ac4d68cc8cfba62855226a9240fccb0f686d5fb81b5c6f297bff8c
Size: 43KB
Hashes (MD5, SHA1, SHA256, SHA512, SSDEEP): identical to the General section above
- Sakula family
- Sakula payload
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation > Boot or Logon Autostart Execution > Registry Run Keys / Startup Folder (1)