General
-
Target
1420c020a603db3b378ea35e840956b37fb18711741587975a40eb03fe6463a5
-
Size
216KB
-
Sample
220212-fjet1shgcq
-
MD5
59fd038d2ba5068b6aa3a602d94f6df2
-
SHA1
1569756def3791fdbe2daf1157ad0f8229188429
-
SHA256
1420c020a603db3b378ea35e840956b37fb18711741587975a40eb03fe6463a5
-
SHA512
41efe221e581fe6a986d75762604690dd7ead91ef0ed9c07f7dde6ea548a2cb58fb731a17601d3296a9c18442eb65c29d3c661baaeb737cbffbc66c7d58e44d6
Static task
static1
Behavioral task
behavioral1
Sample
1420c020a603db3b378ea35e840956b37fb18711741587975a40eb03fe6463a5.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1420c020a603db3b378ea35e840956b37fb18711741587975a40eb03fe6463a5.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
1420c020a603db3b378ea35e840956b37fb18711741587975a40eb03fe6463a5
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-