General
-
Target
10ab7c4230e5f02540585d8cc2a0c107b9638e544ebb767e16cb6e4e6862db87
-
Size
92KB
-
Sample
220212-gxab5aadhr
-
MD5
7d74c24d105d3c239164cb019c62bd0e
-
SHA1
13767e228ecfeb1a6a33300a0a71eba04abc4d77
-
SHA256
10ab7c4230e5f02540585d8cc2a0c107b9638e544ebb767e16cb6e4e6862db87
-
SHA512
2e267e96942f1b0360229458ce8485c4216252e7d6586b6ee501637d2ce8a885bfccd35caf83705f58c4969fd048cb90e64b22490f79286092bca805102d9875
Static task
static1
Behavioral task
behavioral1
Sample
10ab7c4230e5f02540585d8cc2a0c107b9638e544ebb767e16cb6e4e6862db87.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
10ab7c4230e5f02540585d8cc2a0c107b9638e544ebb767e16cb6e4e6862db87.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Score 10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-