General
-
Target
13494ff84c1096c4ba23b1cc2e299ae6c428804eb105814154003a3c3ebfa1a1
-
Size
216KB
-
Sample
220212-fxqhnsaaam
-
MD5
49171e1ffa54f2452b63b9fb46b2539a
-
SHA1
0a2749507f9909b0115200207179511e1eb939ec
-
SHA256
13494ff84c1096c4ba23b1cc2e299ae6c428804eb105814154003a3c3ebfa1a1
-
SHA512
7978accaa664deb6a0c8d81904bacd8e40c6a1684d94b84363183cfa92bf504e0779cf6f84c0a85867f9b8395fc86f58d5ab526438e328ea7ce206afe6db761e
Static task
static1
Behavioral task
behavioral1
Sample
13494ff84c1096c4ba23b1cc2e299ae6c428804eb105814154003a3c3ebfa1a1.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
13494ff84c1096c4ba23b1cc2e299ae6c428804eb105814154003a3c3ebfa1a1.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
13494ff84c1096c4ba23b1cc2e299ae6c428804eb105814154003a3c3ebfa1a1
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-