General
-
Target
1817b77bb7ac550f9070b315e8fd4b1c3a91fa2002a0d783088ac50e6ffcb2fe
-
Size
151KB
-
Sample
220212-dtdzcsghej
-
MD5
3511622e87ff3d8332272bc2470862d4
-
SHA1
632c4a60fea99359abdf328474d5c227ea40b049
-
SHA256
1817b77bb7ac550f9070b315e8fd4b1c3a91fa2002a0d783088ac50e6ffcb2fe
-
SHA512
77f0792943fd1c738bc1b6e5e623bf2521a64d90d1e09e5b39d5cf48d3ce71249e28e2b280a590fe65479ceaab8c6fb34af0feda33eebadf79c7123e05229ced
Static task
static1
Behavioral task
behavioral1
Sample
1817b77bb7ac550f9070b315e8fd4b1c3a91fa2002a0d783088ac50e6ffcb2fe.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1817b77bb7ac550f9070b315e8fd4b1c3a91fa2002a0d783088ac50e6ffcb2fe.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1817b77bb7ac550f9070b315e8fd4b1c3a91fa2002a0d783088ac50e6ffcb2fe
-
Size
151KB
-
MD5
3511622e87ff3d8332272bc2470862d4
-
SHA1
632c4a60fea99359abdf328474d5c227ea40b049
-
SHA256
1817b77bb7ac550f9070b315e8fd4b1c3a91fa2002a0d783088ac50e6ffcb2fe
-
SHA512
77f0792943fd1c738bc1b6e5e623bf2521a64d90d1e09e5b39d5cf48d3ce71249e28e2b280a590fe65479ceaab8c6fb34af0feda33eebadf79c7123e05229ced
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-