General
-
Target
15bd9db794e940a53f7974e86222882398eb6341b57f6b734ebab43ef424f2b6
-
Size
92KB
-
Sample
220212-etvsjshdfl
-
MD5
8c462ae510f799b1f7addce90c1d4fb8
-
SHA1
590d8644258967d3a182a466c4554becb9597635
-
SHA256
15bd9db794e940a53f7974e86222882398eb6341b57f6b734ebab43ef424f2b6
-
SHA512
75fdbb9fc4019dbf3a61cc662f07c3d500c4596b143f7f106776ef74b5233853acacda25638b0cae84d01391dbc6598a84e0731e519a11f287dc7256b5c10c5b
Static task
static1
Behavioral task
behavioral1
Sample
15bd9db794e940a53f7974e86222882398eb6341b57f6b734ebab43ef424f2b6.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
15bd9db794e940a53f7974e86222882398eb6341b57f6b734ebab43ef424f2b6.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
15bd9db794e940a53f7974e86222882398eb6341b57f6b734ebab43ef424f2b6
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-