General
-
Target
1514a81c2bfb48089b44c395addad629a73756ecc00fe01ae4af078d18044ff9
-
Size
150KB
-
Sample
220212-e7zcwshehr
-
MD5
00e9fcdb6930e32f956221b629c4a1ba
-
SHA1
31739624b0f87d4fca8d79a761cbb0d59d6370c2
-
SHA256
1514a81c2bfb48089b44c395addad629a73756ecc00fe01ae4af078d18044ff9
-
SHA512
0efab9d141ddeac5b9aa7a688c2580b6918a08d18e7cd8b3203a18ebb9e1d0bac7e530f4fc7a63195863cfbdc138c09e1e8f94ab2c6440dded57054b87e7834a
Static task
static1
Behavioral task
behavioral1
Sample
1514a81c2bfb48089b44c395addad629a73756ecc00fe01ae4af078d18044ff9.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1514a81c2bfb48089b44c395addad629a73756ecc00fe01ae4af078d18044ff9.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
1514a81c2bfb48089b44c395addad629a73756ecc00fe01ae4af078d18044ff9
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-