General
Target: 1506b557906835a9d319d79554c8b4c8416e1e50ca71aee4f89bc903b9abcafd
Size: 216KB
Sample: 220212-e8th2ahfap
MD5: 385ad9d8f92d0e129b7756a7c10c3585
SHA1: c61da48b4e7635f471893c77600501e91060bbf9
SHA256: 1506b557906835a9d319d79554c8b4c8416e1e50ca71aee4f89bc903b9abcafd
SHA512: 7e53ef8af41c384f1f1f8a3a5c9d06f38262631c4b66d3600f30e2d67f2a442ca9c479ba6dda52017468fee9ec8bb0ca70ecf1aa25d4c09d66d866c2805c44d3
Static task: static1
Behavioral task: behavioral1
  Sample: 1506b557906835a9d319d79554c8b4c8416e1e50ca71aee4f89bc903b9abcafd.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 1506b557906835a9d319d79554c8b4c8416e1e50ca71aee4f89bc903b9abcafd.exe
  Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application