General
Target: 155d51d2534dfa31ab1873e7b1df4c18378045c5be13d46375b2c74489a835de
Size: 176KB
Sample: 220212-e1h3bshedj
MD5: efe2c752dd5c4033852d16e66b374771
SHA1: 6b54d3eafe9fd10ad962df5765abcc2db5bcdb3e
SHA256: 155d51d2534dfa31ab1873e7b1df4c18378045c5be13d46375b2c74489a835de
SHA512: cfd170a8eb0f39347ffdca40738c6675e08dbae38aba5a824aba4551c60a405652d654d3d7a30f620167789fcabd48debfa9763516c0c1d2b25badcfcd049a07
Static task: static1
Behavioral task: behavioral1
Sample: 155d51d2534dfa31ab1873e7b1df4c18378045c5be13d46375b2c74489a835de.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 155d51d2534dfa31ab1873e7b1df4c18378045c5be13d46375b2c74489a835de.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Score: 10/10
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-