General
Target: 0f65963f6c5025e68be3d0ee992f714b8b5431ffd5b2ace097175367050c812b
Size: 216KB
Sample: 220212-heh2zsagar
MD5: 772e03d79983fd54ec91a07d06cf1d20
SHA1: 98c670cb2cf4c8d12b803328c637f2a4da0920d7
SHA256: 0f65963f6c5025e68be3d0ee992f714b8b5431ffd5b2ace097175367050c812b
SHA512: dbead2f26ca0b057c7a43569603d76f1d1724b48182b512beaff293eb5d8db1393510e384c9d515ffcbbd455e2acfbe3c019bd2a651e26c94756b23e4b56a755
Static task: static1
Behavioral task: behavioral1
Sample: 0f65963f6c5025e68be3d0ee992f714b8b5431ffd5b2ace097175367050c812b.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0f65963f6c5025e68be3d0ee992f714b8b5431ffd5b2ace097175367050c812b.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 0f65963f6c5025e68be3d0ee992f714b8b5431ffd5b2ace097175367050c812b
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application