General
-
Target
0f8b23b2d91e126a901bab15d45a879b3d23cca7831dc72f15444b1ab52f106f
-
Size
150KB
-
Sample
220212-hcy1esafhk
-
MD5
f5f5e009dc4f6390bbd693ad62452cc5
-
SHA1
3d0552d077f65050cfd5be8a2d39b15946a99e89
-
SHA256
0f8b23b2d91e126a901bab15d45a879b3d23cca7831dc72f15444b1ab52f106f
-
SHA512
080800e39d7993b60a319f4312ec1cac48e0bd00a3c931e883b16e63932a0f474ba463a2828cd5be904a650ee24a1e00112a26ed09d8aa14eac56e9a102efc46
Static task
static1
Behavioral task
behavioral1
Sample
0f8b23b2d91e126a901bab15d45a879b3d23cca7831dc72f15444b1ab52f106f.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0f8b23b2d91e126a901bab15d45a879b3d23cca7831dc72f15444b1ab52f106f.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0f8b23b2d91e126a901bab15d45a879b3d23cca7831dc72f15444b1ab52f106f
-
Size
150KB
-
MD5
f5f5e009dc4f6390bbd693ad62452cc5
-
SHA1
3d0552d077f65050cfd5be8a2d39b15946a99e89
-
SHA256
0f8b23b2d91e126a901bab15d45a879b3d23cca7831dc72f15444b1ab52f106f
-
SHA512
080800e39d7993b60a319f4312ec1cac48e0bd00a3c931e883b16e63932a0f474ba463a2828cd5be904a650ee24a1e00112a26ed09d8aa14eac56e9a102efc46
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-