General
Target: 1861069b606dc47833f3b4f9d8ee767a24363801ff52b2c68cabbf524d88a0df
Size: 150KB
Sample: 220212-dp26dsgham
MD5: 517a2e182924e2ba39a5a501888a7a20
SHA1: f3ecb8deb361a1685215097132ce639844e5dc2a
SHA256: 1861069b606dc47833f3b4f9d8ee767a24363801ff52b2c68cabbf524d88a0df
SHA512: 79567507f084f740ebed349384571ec5466b3ca16d2877360b894744d74281f6cd77b1aebc8cfc076ad47204acba083063c5b80c627c863e57dd71ccc3bd0dd0
Static task: static1
Behavioral task: behavioral1
  Sample: 1861069b606dc47833f3b4f9d8ee767a24363801ff52b2c68cabbf524d88a0df.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 1861069b606dc47833f3b4f9d8ee767a24363801ff52b2c68cabbf524d88a0df.exe
  Resource: win10v2004-en-20220112
Malware Config
Targets
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application