General
-
Target
14a6d8576deb4de1bf5342924c6fed7f3335b6a4db2e628fc82ae10e19ebd260
-
Size
92KB
-
Sample
220212-fcxq9ahfep
-
MD5
527224b36cbb1542d0ab5756cd8fa40e
-
SHA1
7d8a18f0c8c19ab2d940a7f54a2896b9797b1a7f
-
SHA256
14a6d8576deb4de1bf5342924c6fed7f3335b6a4db2e628fc82ae10e19ebd260
-
SHA512
bab730c8db3b05eab1e30c1424bcf1fd7a9e5281ddaac0e8fa181c2a2900c771c0ad23c00f1d926c694e304e44c720065a812a81389877a33fb909265c6811a4
Static task
static1
Behavioral task
behavioral1
Sample
14a6d8576deb4de1bf5342924c6fed7f3335b6a4db2e628fc82ae10e19ebd260.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
14a6d8576deb4de1bf5342924c6fed7f3335b6a4db2e628fc82ae10e19ebd260.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
Target
14a6d8576deb4de1bf5342924c6fed7f3335b6a4db2e628fc82ae10e19ebd260
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-