General
-
Target
135d299ddf1bf0772e247f5ed5f14258d431b5622d9edac8eb16d1b8ceae3f7b
-
Size
89KB
-
Sample
220212-fwls4ahhhm
-
MD5
5f26c967f071356b4821d81cea7f53d1
-
SHA1
8cde9721a464ff2bc6b366b4bc471e96b037ad60
-
SHA256
135d299ddf1bf0772e247f5ed5f14258d431b5622d9edac8eb16d1b8ceae3f7b
-
SHA512
45d68a2dcfd0a1fa643737978729f6145ab983d2d4465bce616648e8e415469ffc2963157c78fbbd698d5967932a4817abb09128f25195d52b38068d700696c9
Static task
static1
Behavioral task
behavioral1
Sample
135d299ddf1bf0772e247f5ed5f14258d431b5622d9edac8eb16d1b8ceae3f7b.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
135d299ddf1bf0772e247f5ed5f14258d431b5622d9edac8eb16d1b8ceae3f7b.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
135d299ddf1bf0772e247f5ed5f14258d431b5622d9edac8eb16d1b8ceae3f7b
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-