General
-
Target
102816879f89f7f09cd6d74eed4daa4664a67b820fa7c42e43bd74db52173cde
-
Size
89KB
-
Sample
220212-g5l1wsaehj
-
MD5
86cb0f67e19bf476d596f89dfd3b2817
-
SHA1
3379088e25b2daf269d1c1de2a547fd04b827c3e
-
SHA256
102816879f89f7f09cd6d74eed4daa4664a67b820fa7c42e43bd74db52173cde
-
SHA512
362189e3bf4df5aabba20262d94726c356d7687f210dc46c90f744ff96cf6580f1ddd24d0c17129ab4fc0d4911f6ccbf7ddcd2a742a6c73e5092081e87856fa0
Static task
static1
Behavioral task
behavioral1
Sample
102816879f89f7f09cd6d74eed4daa4664a67b820fa7c42e43bd74db52173cde.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
102816879f89f7f09cd6d74eed4daa4664a67b820fa7c42e43bd74db52173cde.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
102816879f89f7f09cd6d74eed4daa4664a67b820fa7c42e43bd74db52173cde
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-