General
-
Target
0b55be092d411a8f75818312f75c213fc1339d91a4386d8abf8beb5065116692
-
Size
92KB
-
Sample
220212-j6xvwsbehn
-
MD5
64dfd2c8bbfd7ca9241599a4e258e223
-
SHA1
60419bf55ab32180077813da40321fcd954a08dc
-
SHA256
0b55be092d411a8f75818312f75c213fc1339d91a4386d8abf8beb5065116692
-
SHA512
c01b0b437126d5bfbb6b1b8f4c7cf528860de2f2c860e5cc12e82d0993edca2a193ec734dac741b7c8cd7f60eb6fa5840da2e589bfc9275c9b913d5db3b918f5
Static task
static1
Behavioral task
behavioral1
Sample
0b55be092d411a8f75818312f75c213fc1339d91a4386d8abf8beb5065116692.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0b55be092d411a8f75818312f75c213fc1339d91a4386d8abf8beb5065116692.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0b55be092d411a8f75818312f75c213fc1339d91a4386d8abf8beb5065116692
-
Size
92KB
-
MD5
64dfd2c8bbfd7ca9241599a4e258e223
-
SHA1
60419bf55ab32180077813da40321fcd954a08dc
-
SHA256
0b55be092d411a8f75818312f75c213fc1339d91a4386d8abf8beb5065116692
-
SHA512
c01b0b437126d5bfbb6b1b8f4c7cf528860de2f2c860e5cc12e82d0993edca2a193ec734dac741b7c8cd7f60eb6fa5840da2e589bfc9275c9b913d5db3b918f5
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-