General
-
Target
0d9dcfa390e93c72c617f491732e371e1fe7aa7ba2959a4ab3ad7912a7788c48
-
Size
216KB
-
Sample
220212-h9ecaabagl
-
MD5
fcf6c4c4b9f65ba32f5edfc24c25e9c3
-
SHA1
2f9890cd5950e2f1f40807be4cf089f04ea41d45
-
SHA256
0d9dcfa390e93c72c617f491732e371e1fe7aa7ba2959a4ab3ad7912a7788c48
-
SHA512
deccb4ae545a7efd19bcf4e5f116a0fd647b9a5b9983c3a9fd8d3d097befeb345199034c82c61d1dd55ffffa65e11c309f7b3a5fa237ec098f75d6c8aeb9d82d
Static task
static1
Behavioral task
behavioral1
Sample
0d9dcfa390e93c72c617f491732e371e1fe7aa7ba2959a4ab3ad7912a7788c48.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0d9dcfa390e93c72c617f491732e371e1fe7aa7ba2959a4ab3ad7912a7788c48.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
0d9dcfa390e93c72c617f491732e371e1fe7aa7ba2959a4ab3ad7912a7788c48
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-