General
Target: 1038f778396195e43be4ab047dad4eccbe02daa2a78f14090f9ed8dc46379b64
Size: 200KB
Sample: 220212-g4k27saefp
MD5: b3ddc8737e6ac1097374cf1fd2a30ea5
SHA1: 603e981378d48016594b1cbe88df4d82e519be83
SHA256: 1038f778396195e43be4ab047dad4eccbe02daa2a78f14090f9ed8dc46379b64
SHA512: cfefd87f5f16604f3dba403b0a4506bc3649ad03806210065732159f0a1dda12a712f461b0f35b64b8eb3b4127fe31f6829f0989693e4d6d135349adfea78739
Static task: static1
Behavioral task: behavioral1
Sample: 1038f778396195e43be4ab047dad4eccbe02daa2a78f14090f9ed8dc46379b64.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 1038f778396195e43be4ab047dad4eccbe02daa2a78f14090f9ed8dc46379b64.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 1038f778396195e43be4ab047dad4eccbe02daa2a78f14090f9ed8dc46379b64
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application