General
Target
1407c4965f927c2b4259adf4bcde2aec9ecbdcfb448ba7e42970ad51db11a14c
Size
150KB
Sample
220212-fka78ahgej
MD5
7eca297b1c118c8879aedd7db07baefa
SHA1
e11e51aab839440ff7c1fc8d5f7ab709267b1e6c
SHA256
1407c4965f927c2b4259adf4bcde2aec9ecbdcfb448ba7e42970ad51db11a14c
SHA512
693c7249aa30103be91c7592db536eef61a75a2a330f9025d1de318f1b2fa035dd5527b7508733abeeac6bc236bf03c71fd6b6a79882353bedaf7cf61dcb1334
Static task
static1
Behavioral task
behavioral1
Sample
1407c4965f927c2b4259adf4bcde2aec9ecbdcfb448ba7e42970ad51db11a14c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1407c4965f927c2b4259adf4bcde2aec9ecbdcfb448ba7e42970ad51db11a14c.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Score
10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application