General
-
Target
125e1ca374935deaf640086f898de38dcb439e9526916fd7a4c1985916337cbe
-
Size
89KB
-
Sample
220212-f8846aabdk
-
MD5
d667ac4baa8d2110bffaab9890e28dd5
-
SHA1
b6757cc8a1eb6b5e3a9b0c732cdfc71ae64510d7
-
SHA256
125e1ca374935deaf640086f898de38dcb439e9526916fd7a4c1985916337cbe
-
SHA512
205cba6bc827879ef88b259b9314febf772fdcb26279d0277251529ef84774c6123d255b5b223b0f6267042dcf9c44b408610270e2e2a22b8ed8338e355d119f
Static task
static1
Behavioral task
behavioral1
Sample
125e1ca374935deaf640086f898de38dcb439e9526916fd7a4c1985916337cbe.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
125e1ca374935deaf640086f898de38dcb439e9526916fd7a4c1985916337cbe.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
125e1ca374935deaf640086f898de38dcb439e9526916fd7a4c1985916337cbe
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-