General
-
Target
12837d0eef0051c204551e00dbd7de0abddb390c480fb423cd4806dfadd5c41d
-
Size
216KB
-
Sample
220212-f7lx8sabbj
-
MD5
c9e9350dc5f7a16284b3c9249674da44
-
SHA1
c0e068dfeaa1db243356ed8e24c487a99a8aa6c7
-
SHA256
12837d0eef0051c204551e00dbd7de0abddb390c480fb423cd4806dfadd5c41d
-
SHA512
b8727566ed6891b5dd1351116e16cce1234d9111f64af36657ee80d74424a63197ffb6f93c3d036d8e2ce4be765be9951a622d19c18dd5b2bdf65e250fc0d344
Static task
static1
Behavioral task
behavioral1
Sample
12837d0eef0051c204551e00dbd7de0abddb390c480fb423cd4806dfadd5c41d.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
12837d0eef0051c204551e00dbd7de0abddb390c480fb423cd4806dfadd5c41d.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
12837d0eef0051c204551e00dbd7de0abddb390c480fb423cd4806dfadd5c41d
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-