General
-
Target
15a19841d3fc140c49c2abb512753394ebe5c24fa3f0ab2bad487cfc0460c168
-
Size
216KB
-
Sample
220212-ewffmshdhj
-
MD5
651b8a01890b93632c6eb3873bb7404f
-
SHA1
eacd1590ea30d8ab67c5a7b1bfb3e8cb81c02563
-
SHA256
15a19841d3fc140c49c2abb512753394ebe5c24fa3f0ab2bad487cfc0460c168
-
SHA512
92eaed4038c3393aae2edcc129ac07de88bc7f1c611eba4c7e1ff5461a881cd3a67b52591893547b3f0a4f7d855ad2d38141d0c4c31f52109a471b0daf97d5e2
Static task
static1
Behavioral task
behavioral1
Sample
15a19841d3fc140c49c2abb512753394ebe5c24fa3f0ab2bad487cfc0460c168.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
15a19841d3fc140c49c2abb512753394ebe5c24fa3f0ab2bad487cfc0460c168.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
15a19841d3fc140c49c2abb512753394ebe5c24fa3f0ab2bad487cfc0460c168
-
Size
216KB
-
MD5
651b8a01890b93632c6eb3873bb7404f
-
SHA1
eacd1590ea30d8ab67c5a7b1bfb3e8cb81c02563
-
SHA256
15a19841d3fc140c49c2abb512753394ebe5c24fa3f0ab2bad487cfc0460c168
-
SHA512
92eaed4038c3393aae2edcc129ac07de88bc7f1c611eba4c7e1ff5461a881cd3a67b52591893547b3f0a4f7d855ad2d38141d0c4c31f52109a471b0daf97d5e2
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-