General
Target: 106875161a73af7a2b857be111a7559283c5135b494ffba498281c82cb952a21
Size: 216KB
Sample: 220212-g197xsaedp
MD5: ec0d33f9ba5379071c38133b5736a04d
SHA1: 54e5eda285d3f08f6bd1f28f1dde1341af34e913
SHA256: 106875161a73af7a2b857be111a7559283c5135b494ffba498281c82cb952a21
SHA512: dc83e9b16b6bfeb2a1cf3adf562ca112eb5d8fd331ef3ad9ae2a2c975bec723233ebd4e741e1da69bc882cba6d0132d6bb9388cc2889909e79dc75aeaa6114ae
Static task: static1
Behavioral task: behavioral1
  Sample: 106875161a73af7a2b857be111a7559283c5135b494ffba498281c82cb952a21.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 106875161a73af7a2b857be111a7559283c5135b494ffba498281c82cb952a21.exe
  Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 106875161a73af7a2b857be111a7559283c5135b494ffba498281c82cb952a21
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application