General
-
Target
3a7fc3db6d5a6a5deb66ee0d55f9d884c9b47ad99c9c4f671746bbb39e4f2d41
-
Size
35KB
-
Sample
250702-x51r2s1k14
-
MD5
a7d2fd25bade28c1bc32efcdd609341e
-
SHA1
764c17f623ee03abb4da2816beed8a1516815887
-
SHA256
3a7fc3db6d5a6a5deb66ee0d55f9d884c9b47ad99c9c4f671746bbb39e4f2d41
-
SHA512
38a577a5383c2c669d83bf15bf53267d86dbdc130b4f3ab6c812def2174f6676449149c4b6196576c2cc679202622bd461da7ac1fb7c617223296997f4cc89a7
-
SSDEEP
768:3wbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647Dp:3wbYP4nuEApQK4TQbtY2gA9DX+ytBOn
Static task
static1
Behavioral task
behavioral1
Sample
3a7fc3db6d5a6a5deb66ee0d55f9d884c9b47ad99c9c4f671746bbb39e4f2d41.exe
Resource
win10v2004-20250610-en
Behavioral task
behavioral2
Sample
3a7fc3db6d5a6a5deb66ee0d55f9d884c9b47ad99c9c4f671746bbb39e4f2d41.exe
Resource
win11-20250619-en
Malware Config
Targets
Score
10/10
-
Sakula family
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v16
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder