General
-
Target
118e0ab87c499019db1a635d6f5d9da5ad057f1f7dbcd750c8f89d04f73b0ba9
-
Size
120KB
-
Sample
220212-gjxkhaaceq
-
MD5
0ae38f04d021bebca8c9d7d8570b0919
-
SHA1
d15dc55ae82c71ac0d8b2cdb4d4f230c30979df0
-
SHA256
118e0ab87c499019db1a635d6f5d9da5ad057f1f7dbcd750c8f89d04f73b0ba9
-
SHA512
174d1b4556bb96c9eb5c5cf00af640123633ba9e353638be6943e93f5d1e745b42f34a90810dc9828d297878344483eb9193747d197178f4dea4750a5becda2e
Static task
static1
Behavioral task
behavioral1
Sample
118e0ab87c499019db1a635d6f5d9da5ad057f1f7dbcd750c8f89d04f73b0ba9.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
118e0ab87c499019db1a635d6f5d9da5ad057f1f7dbcd750c8f89d04f73b0ba9.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-