General
-
Target
5bface997340b7f22bd2ec56e44bb5a06b2f578d1b62b2cf2dbfa886b0471dab
-
Size
35KB
-
Sample
250702-x5z6hs1k13
-
MD5
55143e725379e104c2eb1cb142174d79
-
SHA1
fb022b589774711b1f62907ec359182ea96fe2b0
-
SHA256
5bface997340b7f22bd2ec56e44bb5a06b2f578d1b62b2cf2dbfa886b0471dab
-
SHA512
8a571f7e5c858f6c3cb7c862abce112a7dc2899ab05136438b836fc19c3bfd925b07bede29a4c26ac206574da6b12926f7fd0b519798eacb5874b0bb382682c1
-
SSDEEP
768:3wbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647Dz:3wbYP4nuEApQK4TQbtY2gA9DX+ytBOh
Static task
static1
Behavioral task
behavioral1
Sample
5bface997340b7f22bd2ec56e44bb5a06b2f578d1b62b2cf2dbfa886b0471dab.exe
Resource
win10v2004-20250610-en
Behavioral task
behavioral2
Sample
5bface997340b7f22bd2ec56e44bb5a06b2f578d1b62b2cf2dbfa886b0471dab.exe
Resource
win11-20250619-en
Malware Config
Targets
-
-
Target
5bface997340b7f22bd2ec56e44bb5a06b2f578d1b62b2cf2dbfa886b0471dab
-
Score
10/10
-
Sakula family
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v16
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder