General
-
Target
0de44758a3a510590d4d89ac412a64df75a44f8b32f24c9d026928cb3f646a74
-
Size
216KB
-
Sample
220212-h5mg4abacn
-
MD5
92f4d055af6ed1b3cca3004742fdce9e
-
SHA1
116544a243aae141e63448ce61273be08f1c6698
-
SHA256
0de44758a3a510590d4d89ac412a64df75a44f8b32f24c9d026928cb3f646a74
-
SHA512
39dfa889681f15d1eefa3bdec207137d0249617ac67c6dc3fc7f516a17cf4129d316fe64a4b815f60556296679febe304153838051aebb9079067e7f629fcba9
Static task
static1
Behavioral task
behavioral1
Sample
0de44758a3a510590d4d89ac412a64df75a44f8b32f24c9d026928cb3f646a74.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0de44758a3a510590d4d89ac412a64df75a44f8b32f24c9d026928cb3f646a74.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-