General
-
Target
0f3e52b4d07e90f23b356ed612c6a24d1435b7aef36c4bf804deb82acc65df13
-
Size
89KB
-
Sample
220212-hf58xaagcm
-
MD5
eb6da7658c2d8835a3a5bfb49fa8f27e
-
SHA1
803d5712b2fb456a1cad682fb61fa3cbb276f917
-
SHA256
0f3e52b4d07e90f23b356ed612c6a24d1435b7aef36c4bf804deb82acc65df13
-
SHA512
fb6dc5f9a1c8de6ba361fb046e6a4e5bca3ec110846acaba4efb66570d63dfc42da2d349f60f89b54052d6a69450be168e204f696dba3b35b92796913ef6e8aa
Static task
static1
Behavioral task
behavioral1
Sample
0f3e52b4d07e90f23b356ed612c6a24d1435b7aef36c4bf804deb82acc65df13.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0f3e52b4d07e90f23b356ed612c6a24d1435b7aef36c4bf804deb82acc65df13.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0f3e52b4d07e90f23b356ed612c6a24d1435b7aef36c4bf804deb82acc65df13
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-