General
-
Target
0fd48d559e9a58d681dea3df5dbe55005d2864258c391d2514ac232042e5cc2e
-
Size
216KB
-
Sample
220212-g9bqqaafdl
-
MD5
2443b30396b435cd5a356b1accead931
-
SHA1
2690cc86af2d62d96ef32e7efc8a132a5489c86e
-
SHA256
0fd48d559e9a58d681dea3df5dbe55005d2864258c391d2514ac232042e5cc2e
-
SHA512
d2ef09b6c7168fe8ceb1286aa4f103866845d7e0d701d4e9645018af72f72b078e5c91300411762280b5de89589201f95a2d5ff0f040867387c76219fb1abaa5
Static task
static1
Behavioral task
behavioral1
Sample
0fd48d559e9a58d681dea3df5dbe55005d2864258c391d2514ac232042e5cc2e.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0fd48d559e9a58d681dea3df5dbe55005d2864258c391d2514ac232042e5cc2e.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
0fd48d559e9a58d681dea3df5dbe55005d2864258c391d2514ac232042e5cc2e
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-