General
Target: 1620d0c7c8b7caacffdf37180c23ae7fda6ee513d22dc481747aeaed686f6883
Size: 88KB
Sample: 220212-emesrahcgj
MD5: aaa3d9f94a733e0ba56cf48164965369
SHA1: d5ffc5b8c2259e437caedb30ce2203ad511f2214
SHA256: 1620d0c7c8b7caacffdf37180c23ae7fda6ee513d22dc481747aeaed686f6883
SHA512: 75aa0fb8bd1e65c21c7590c60dd2221385fdf46b98fd8c27046c875a7eb20afdfc512000cec698d1f567976a0a6366486b412de8b93f44dd1dce122303f342e8
Static task: static1
Behavioral task: behavioral1
Sample: 1620d0c7c8b7caacffdf37180c23ae7fda6ee513d22dc481747aeaed686f6883.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 1620d0c7c8b7caacffdf37180c23ae7fda6ee513d22dc481747aeaed686f6883.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 1620d0c7c8b7caacffdf37180c23ae7fda6ee513d22dc481747aeaed686f6883
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application