General
Target: 11673787bc02c9e486c34d13bf77e6194ce91d6d11c8c16de53f895a81f0f176
Size: 176KB
Sample: 220212-gljfnaacgk
MD5: 44dcfdadd36ad2f2c1df70b7834ca525
SHA1: de97bfdc5bf24c73afe238f69034ef6b9e499c19
SHA256: 11673787bc02c9e486c34d13bf77e6194ce91d6d11c8c16de53f895a81f0f176
SHA512: ee7e310edfa696d24304a4f5477ed698761d300244ffd05ed772346f01dc16b530576c079527a68ba973d8b7e1e5d06a16b104f1a25db051e9fb9a71d699da9c
Static task: static1
Behavioral task: behavioral1
Sample: 11673787bc02c9e486c34d13bf77e6194ce91d6d11c8c16de53f895a81f0f176.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 11673787bc02c9e486c34d13bf77e6194ce91d6d11c8c16de53f895a81f0f176.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 11673787bc02c9e486c34d13bf77e6194ce91d6d11c8c16de53f895a81f0f176
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application