General
-
Target
0b8728bfa7531e335ed40a79f04c18bffeb4e36e3b14d37ae9aa75887843780e
-
Size
89KB
-
Sample
220212-j3kq6abeep
-
MD5
0508cec88a289daa818d242564ee58ad
-
SHA1
c6263e2a4727155719e07b30bb91faa6944eb41d
-
SHA256
0b8728bfa7531e335ed40a79f04c18bffeb4e36e3b14d37ae9aa75887843780e
-
SHA512
6f926dab35b3184a3f0b6048199e4e23e768b80c0d03bae88bf1c56e92c374c84b82f6cb931e59d358bc2d5e8e424e4091b22df116d2ad3516081a1a362106a8
Static task
static1
Behavioral task
behavioral1
Sample
0b8728bfa7531e335ed40a79f04c18bffeb4e36e3b14d37ae9aa75887843780e.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0b8728bfa7531e335ed40a79f04c18bffeb4e36e3b14d37ae9aa75887843780e.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
0b8728bfa7531e335ed40a79f04c18bffeb4e36e3b14d37ae9aa75887843780e
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-