General
-
Target
1203dac05cb7c8c2038945f0fad64c5dc9865ab496150e9acf9c4864d44be678
-
Size
89KB
-
Sample
220212-gdfpssabhr
-
MD5
514f74b33632084574e89126003ef58e
-
SHA1
c97bfb597ba5dea2960d0fd5c2438f3e8c53d495
-
SHA256
1203dac05cb7c8c2038945f0fad64c5dc9865ab496150e9acf9c4864d44be678
-
SHA512
f244b86b5c57e36cbd61d0702549ec5e00ac5bc13e83cc06f2033afd3ca643cfb53e0e49f7ed7b1ce2d4a108690e9211614b6e3e82537a22416548af0e933b61
Static task
static1
Behavioral task
behavioral1
Sample
1203dac05cb7c8c2038945f0fad64c5dc9865ab496150e9acf9c4864d44be678.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1203dac05cb7c8c2038945f0fad64c5dc9865ab496150e9acf9c4864d44be678.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
1203dac05cb7c8c2038945f0fad64c5dc9865ab496150e9acf9c4864d44be678
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-