General
-
Target
16e7905aeabacadac414dd1f1b605ab718214c1732f606aedd26b59e1d993561
-
Size
89KB
-
Sample
220212-eacsmahbcq
-
MD5
96584bfc8ea2b79d1e0c153fc82b71dc
-
SHA1
e9a50a2a4c2eb81f115abe1dc8b147765d9c5dcd
-
SHA256
16e7905aeabacadac414dd1f1b605ab718214c1732f606aedd26b59e1d993561
-
SHA512
b9e80a9fc5781d8e05cadcb2a9b5b0b0835085c877d34b078dc22af7dcd369416843d9700f9cd243566eb189b35e6bb98466424b4ebff271111911a4d5844d62
Static task
static1
Behavioral task
behavioral1
Sample
16e7905aeabacadac414dd1f1b605ab718214c1732f606aedd26b59e1d993561.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
16e7905aeabacadac414dd1f1b605ab718214c1732f606aedd26b59e1d993561.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
16e7905aeabacadac414dd1f1b605ab718214c1732f606aedd26b59e1d993561
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-