General
-
Target
0b9b5cb838229943d3de67dff7006ba6d688634882c97620efe0106e31b443d4
-
Size
216KB
-
Sample
220212-j14fgsbecq
-
MD5
ea091972880f973a8020ff451784c27e
-
SHA1
b963fabfca997772505f5d0dff1465d63d34b6af
-
SHA256
0b9b5cb838229943d3de67dff7006ba6d688634882c97620efe0106e31b443d4
-
SHA512
d4c98836bfd6ae2041c575952694b4e4b56e1d59578047e40f8e753eb31e0a60ed389b004dc51680b8d0517a4689d09368f610ea730ed54644b605e129db2a24
Static task
static1
Behavioral task
behavioral1
Sample
0b9b5cb838229943d3de67dff7006ba6d688634882c97620efe0106e31b443d4.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0b9b5cb838229943d3de67dff7006ba6d688634882c97620efe0106e31b443d4.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-