General
Target: 135b5874545bb0a36fe33d049ec3b6ad54633bfecada5dc9a67973cc3120f958
Size: 92KB
Sample: 220212-fwnyfshhhn
MD5: cdf48cfbd97bec85096f016ff8264508
SHA1: dd71c0883ce6d4944af9419d0d2dda6c48784105
SHA256: 135b5874545bb0a36fe33d049ec3b6ad54633bfecada5dc9a67973cc3120f958
SHA512: 635c2f81f5e426d4dbf2c625cdb5567add57514978554a759d46eb84eaa1820912989d03b7103558aef01acef85c88d8bd3f13f13a52271610afafc90b060210
Static task: static1
Behavioral task: behavioral1
Sample: 135b5874545bb0a36fe33d049ec3b6ad54633bfecada5dc9a67973cc3120f958.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 135b5874545bb0a36fe33d049ec3b6ad54633bfecada5dc9a67973cc3120f958.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 135b5874545bb0a36fe33d049ec3b6ad54633bfecada5dc9a67973cc3120f958
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application