General
-
Target
10f9aed70f01c3eb353cdb7ba16bc960419d166128952f1123c9e6c45ddd41c7
-
Size
216KB
-
Sample
220212-gsj1rsadel
-
MD5
98203a20b42afd1b4c0f01b781b9b93c
-
SHA1
57cc062e00850cee4f6c4e9175cd039247ba9bdb
-
SHA256
10f9aed70f01c3eb353cdb7ba16bc960419d166128952f1123c9e6c45ddd41c7
-
SHA512
f4fa4123132ae02e0393162e75b6b6b651ec6136bf04a90a694fec7d10f85ad13f737d801746bbde17050dc6baa37887acdbb2cc9e39fd065086b8ca0d5f59ed
Static task
static1
Behavioral task
behavioral1
Sample
10f9aed70f01c3eb353cdb7ba16bc960419d166128952f1123c9e6c45ddd41c7.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
10f9aed70f01c3eb353cdb7ba16bc960419d166128952f1123c9e6c45ddd41c7.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
10f9aed70f01c3eb353cdb7ba16bc960419d166128952f1123c9e6c45ddd41c7
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-