General
-
Target
16e5bbba7cefdd09858f46cd3a7ccaa77b752bd3ae190e12c230bbb7d2f82231
-
Size
112KB
-
Sample
220212-eal2ashbdm
-
MD5
a4e759180c02a1543083d393f209e906
-
SHA1
618e5aa1dcbda1038176320acb47697c95da7cc6
-
SHA256
16e5bbba7cefdd09858f46cd3a7ccaa77b752bd3ae190e12c230bbb7d2f82231
-
SHA512
ec59d6ebfcac4908bccaa42fba1d322aefc0de894f74a4cb7fda62d933915991986545c75eeb408df42d7c1b06f22f8f64622b336426e30f9056bc46c0477985
Static task
static1
Behavioral task
behavioral1
Sample
16e5bbba7cefdd09858f46cd3a7ccaa77b752bd3ae190e12c230bbb7d2f82231.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
16e5bbba7cefdd09858f46cd3a7ccaa77b752bd3ae190e12c230bbb7d2f82231.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
16e5bbba7cefdd09858f46cd3a7ccaa77b752bd3ae190e12c230bbb7d2f82231
-
Size
112KB
-
MD5
a4e759180c02a1543083d393f209e906
-
SHA1
618e5aa1dcbda1038176320acb47697c95da7cc6
-
SHA256
16e5bbba7cefdd09858f46cd3a7ccaa77b752bd3ae190e12c230bbb7d2f82231
-
SHA512
ec59d6ebfcac4908bccaa42fba1d322aefc0de894f74a4cb7fda62d933915991986545c75eeb408df42d7c1b06f22f8f64622b336426e30f9056bc46c0477985
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-