General
Target: 117e15d8ec2169f338bed42f5331e96d115864ea08b7b9ce641cf43402e5f4ae
Size: 168KB
Sample: 220212-gkbpesacfk
MD5: 8a5b815f47fea7fe3141bc90603f650b
SHA1: 180445ed0a57615b4f5b11628bbee9bdcc33bb9a
SHA256: 117e15d8ec2169f338bed42f5331e96d115864ea08b7b9ce641cf43402e5f4ae
SHA512: 5ed1f916ffe9fe42c149a53bd0879a4f9d526c17b380a8e22e296dd7e3035b41e6c929817f9a3b2cf2c99986e07e4bf9b42e2c72a691ebf3beeda5edbf32d47e
Static task: static1
Behavioral task: behavioral1
Sample: 117e15d8ec2169f338bed42f5331e96d115864ea08b7b9ce641cf43402e5f4ae.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 117e15d8ec2169f338bed42f5331e96d115864ea08b7b9ce641cf43402e5f4ae.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 117e15d8ec2169f338bed42f5331e96d115864ea08b7b9ce641cf43402e5f4ae
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application