General
-
Target
115611c076d4c4a3010e5004d63315c618a3f7ee265ac627ff0361ad9f5c1e90
-
Size
176KB
-
Sample
220212-gmb3zaacgr
-
MD5
e1307c67b4293f9fce6c6b44abd23097
-
SHA1
8e303991efcd373d9fcf7f7a6f237c15e83afde5
-
SHA256
115611c076d4c4a3010e5004d63315c618a3f7ee265ac627ff0361ad9f5c1e90
-
SHA512
34484b4e3d5142e9cc85101d1e182223a9b8b36d4d37ea2537f0176c1e4f337f61d4de8f0c9d060951c2c9a410a2c4469e9f5929ed4955a5bab6ea61cfc8b21e
Static task
static1
Behavioral task
behavioral1
Sample
115611c076d4c4a3010e5004d63315c618a3f7ee265ac627ff0361ad9f5c1e90.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
115611c076d4c4a3010e5004d63315c618a3f7ee265ac627ff0361ad9f5c1e90.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
115611c076d4c4a3010e5004d63315c618a3f7ee265ac627ff0361ad9f5c1e90
Score: 10/10
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-