General
-
Target
161cab33db6eeebeaef9bab1e6deb5ee2ea7ce229c8f498c6cd7d58e9c06e748
-
Size
150KB
-
Sample
220212-emwfhahcgq
-
MD5
507589a24c936f64d3179b6bde988ba3
-
SHA1
99dd6de9698c32a4a20ab2a325cf2039ffe2cccd
-
SHA256
161cab33db6eeebeaef9bab1e6deb5ee2ea7ce229c8f498c6cd7d58e9c06e748
-
SHA512
ac997c24f41cdc7077972a1ae8f5f0dcae4a761dd6bf8068e7a1179d694e9c1af700907a0d53b5e12def29753d1d4fd12a8c85544986b467b2145951a9c8e3e5
Static task
static1
Behavioral task
behavioral1
Sample
161cab33db6eeebeaef9bab1e6deb5ee2ea7ce229c8f498c6cd7d58e9c06e748.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
161cab33db6eeebeaef9bab1e6deb5ee2ea7ce229c8f498c6cd7d58e9c06e748.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
161cab33db6eeebeaef9bab1e6deb5ee2ea7ce229c8f498c6cd7d58e9c06e748
-
Size
150KB
-
MD5
507589a24c936f64d3179b6bde988ba3
-
SHA1
99dd6de9698c32a4a20ab2a325cf2039ffe2cccd
-
SHA256
161cab33db6eeebeaef9bab1e6deb5ee2ea7ce229c8f498c6cd7d58e9c06e748
-
SHA512
ac997c24f41cdc7077972a1ae8f5f0dcae4a761dd6bf8068e7a1179d694e9c1af700907a0d53b5e12def29753d1d4fd12a8c85544986b467b2145951a9c8e3e5
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-