General
-
Target
1563656d1cf8f63368af6f94e44266d0f269410c057ae93a82692ab6484cb073
-
Size
216KB
-
Sample
220212-ez9hwshecn
-
MD5
fd44014f2c89029d37f32eeae55c8bba
-
SHA1
ae4c5acc032fca4335c9ba03edbcf56438627853
-
SHA256
1563656d1cf8f63368af6f94e44266d0f269410c057ae93a82692ab6484cb073
-
SHA512
d15a87b42ccfbd24ea18bc2d77fd10e5c921a645e720627848bb8897df5ba30d5587f13329f06d5307da35611966269d8659156f92b70741cb2c96e50c9a0fca
Static task
static1
Behavioral task
behavioral1
Sample
1563656d1cf8f63368af6f94e44266d0f269410c057ae93a82692ab6484cb073.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1563656d1cf8f63368af6f94e44266d0f269410c057ae93a82692ab6484cb073.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1563656d1cf8f63368af6f94e44266d0f269410c057ae93a82692ab6484cb073
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-