General
-
Target
df83f978faefe85ecba70057b565eb6a4e2dc88712dbeb1726bd79807773ff9b
-
Size
35KB
-
Sample
250702-xzg3ra1ky4
-
MD5
43015603d5329ca5f075863e537f0fd7
-
SHA1
c8718a06961f61f8d53158a4c7fd630e31dba684
-
SHA256
df83f978faefe85ecba70057b565eb6a4e2dc88712dbeb1726bd79807773ff9b
-
SHA512
b071aaf7fcf6d018aedb8619f9f8e7f436a08ca97593da71421f38e18d22171684516789a51302a1f64ab2aa0a3542d660dac9ae0fd15a7e884d23f09e10ad25
-
SSDEEP
768:3wbYGCv4nuEcJpQK4TQbtKvXwXgA9lJJea+yGCJQqeWnAEv2647D/:3wbYP4nuEApQK4TQbtY2gA9DX+ytBOB
Static task
static1
Behavioral task
behavioral1
Sample
df83f978faefe85ecba70057b565eb6a4e2dc88712dbeb1726bd79807773ff9b.exe
Resource
win10v2004-20250619-en
Behavioral task
behavioral2
Sample
df83f978faefe85ecba70057b565eb6a4e2dc88712dbeb1726bd79807773ff9b.exe
Resource
win11-20250619-en
Malware Config
Targets
Target
df83f978faefe85ecba70057b565eb6a4e2dc88712dbeb1726bd79807773ff9b
-
Score
10/10
-
Sakula family
-
Sakula payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v16
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder