General
-
Target
103150b93e8d7f0c7dd212dd20cc270ddcf332d0fcfbd7a7ba37d13553ac2ed6
-
Size
216KB
-
Sample
220212-g48hhaaegm
-
MD5
907953f694d2d408e0fb79e9194fc1f3
-
SHA1
c5b904d2e2d85b5ebb8fde6d872a08e34b48f6be
-
SHA256
103150b93e8d7f0c7dd212dd20cc270ddcf332d0fcfbd7a7ba37d13553ac2ed6
-
SHA512
baf7013a5a938b8cc6697e99716a1df201bb871bdaa039500f03b685a7584ab893e00571b3a0ba92cd58e01d0e1c3eca392eb554941620cbf53bf5d5ff65f5d0
Static task
static1
Behavioral task
behavioral1
Sample
103150b93e8d7f0c7dd212dd20cc270ddcf332d0fcfbd7a7ba37d13553ac2ed6.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
103150b93e8d7f0c7dd212dd20cc270ddcf332d0fcfbd7a7ba37d13553ac2ed6.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
103150b93e8d7f0c7dd212dd20cc270ddcf332d0fcfbd7a7ba37d13553ac2ed6
-
Size
216KB
-
MD5
907953f694d2d408e0fb79e9194fc1f3
-
SHA1
c5b904d2e2d85b5ebb8fde6d872a08e34b48f6be
-
SHA256
103150b93e8d7f0c7dd212dd20cc270ddcf332d0fcfbd7a7ba37d13553ac2ed6
-
SHA512
baf7013a5a938b8cc6697e99716a1df201bb871bdaa039500f03b685a7584ab893e00571b3a0ba92cd58e01d0e1c3eca392eb554941620cbf53bf5d5ff65f5d0
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-