General
-
Target
0ba0cca8ba003138c27759e52f00db4c245713fe9091bcfcc4c1353ec1ff1f5d
-
Size
92KB
-
Sample
220212-j1px4abecm
-
MD5
5f2073b2fc39e103feda8d25fb529b34
-
SHA1
fefe4f15cb47eddecf9ed440c74e966a76757b1b
-
SHA256
0ba0cca8ba003138c27759e52f00db4c245713fe9091bcfcc4c1353ec1ff1f5d
-
SHA512
f337542c65298e40ea501157a57d43e2e951a3593085fbf1f7ad4c642623d6e6ed2398ebcf9dd736155e9e4563d6a8cedf81ddc91c54b03021c06f0c9fe5a90f
Static task
static1
Behavioral task
behavioral1
Sample
0ba0cca8ba003138c27759e52f00db4c245713fe9091bcfcc4c1353ec1ff1f5d.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0ba0cca8ba003138c27759e52f00db4c245713fe9091bcfcc4c1353ec1ff1f5d.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0ba0cca8ba003138c27759e52f00db4c245713fe9091bcfcc4c1353ec1ff1f5d
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-