General
-
Target
11c3b97238ba7569363aebb0e79f442a831119d1f27ad5f3ab8796a825748dd7
-
Size
150KB
-
Sample
220212-gf1sraaccn
-
MD5
daee7814a6e6d76f6c8216b043f1f435
-
SHA1
e3247673e73b3fa518df6ebfd1392cf5309dae33
-
SHA256
11c3b97238ba7569363aebb0e79f442a831119d1f27ad5f3ab8796a825748dd7
-
SHA512
5586ee757d51555bf56a58dab6814c4ada8fd49c5f313a915c1f1cda682eddf6f282f81f056c6637303c73b49772ed6d69579715a9472409bf6be0a6634851c1
Static task
static1
Behavioral task
behavioral1
Sample
11c3b97238ba7569363aebb0e79f442a831119d1f27ad5f3ab8796a825748dd7.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
11c3b97238ba7569363aebb0e79f442a831119d1f27ad5f3ab8796a825748dd7.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
11c3b97238ba7569363aebb0e79f442a831119d1f27ad5f3ab8796a825748dd7
-
Size
150KB
-
MD5
daee7814a6e6d76f6c8216b043f1f435
-
SHA1
e3247673e73b3fa518df6ebfd1392cf5309dae33
-
SHA256
11c3b97238ba7569363aebb0e79f442a831119d1f27ad5f3ab8796a825748dd7
-
SHA512
5586ee757d51555bf56a58dab6814c4ada8fd49c5f313a915c1f1cda682eddf6f282f81f056c6637303c73b49772ed6d69579715a9472409bf6be0a6634851c1
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-