General
-
Target
1218dc219bfcfb702e739e93f33ecc6e73d12898975ee664158a225519819af7
-
Size
176KB
-
Sample
220212-gcwdvsabhm
-
MD5
d9b7a3746eb4b78e2511c013f35fecc9
-
SHA1
a68b316c548dae4b41e501289abc32e4e33d28e8
-
SHA256
1218dc219bfcfb702e739e93f33ecc6e73d12898975ee664158a225519819af7
-
SHA512
3a6c955a793f7be30bea7b5f09d3f8c56c02f543335811cccba0c847e9716457b4405fe18dcd499fcb97f5a20ba2e909c849384fc86505b52fbf3e40a57bf2b1
Static task
static1
Behavioral task
behavioral1
Sample
1218dc219bfcfb702e739e93f33ecc6e73d12898975ee664158a225519819af7.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1218dc219bfcfb702e739e93f33ecc6e73d12898975ee664158a225519819af7.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-