General
-
Target
1671a4f7b8ac2d46a4477cfd5521899373c10998566871cde055b875f8507a21
-
Size
176KB
-
Sample
220212-eha9rshccj
-
MD5
0408b18c8a06aa389ed0cd78a38d5972
-
SHA1
77e6945f041475da1cc66a43c66ef15900c01181
-
SHA256
1671a4f7b8ac2d46a4477cfd5521899373c10998566871cde055b875f8507a21
-
SHA512
defab5ff5c32b8a193d3c24cedfdfd409c122fe1af5d29097b738c0bc78249d1b360b315e5cd6584dca951b7912dca3d9e9e1e14a13419926fdc406954b9711a
Static task
static1
Behavioral task
behavioral1
Sample
1671a4f7b8ac2d46a4477cfd5521899373c10998566871cde055b875f8507a21.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1671a4f7b8ac2d46a4477cfd5521899373c10998566871cde055b875f8507a21.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-