General
-
Target
178bbd4e2c03e0398088422a4dbcc9ce2e2133a178254e8ce5c6eed51e726ce5
-
Size
176KB
-
Sample
220212-d1y8wahacq
-
MD5
d207063cb61319c0b975cf25265aaeac
-
SHA1
c0031871ec1d757838d21e61672401772ddbb3db
-
SHA256
178bbd4e2c03e0398088422a4dbcc9ce2e2133a178254e8ce5c6eed51e726ce5
-
SHA512
aaa105b1a39a6c9f17f83010229f5f6d2eb425a1b75e38f53aea49a53e9a8bc0f44b9ec52c188030b11ac60950682b0a1ae3a193396f90351d7f7039172fb946
Static task
static1
Behavioral task
behavioral1
Sample
178bbd4e2c03e0398088422a4dbcc9ce2e2133a178254e8ce5c6eed51e726ce5.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
178bbd4e2c03e0398088422a4dbcc9ce2e2133a178254e8ce5c6eed51e726ce5.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
178bbd4e2c03e0398088422a4dbcc9ce2e2133a178254e8ce5c6eed51e726ce5
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-