General
Target
0d7621e4679f7badc6c53a41de6bf7ffd41b12eace63a34eeda8672fe24da202
Size
116KB
Sample
220212-jbf9nabbak
MD5
c59a6f49ee75bcb4de30e5bc981c4cf6
SHA1
5f71113b9c6bda114f46d4e7a8a4ac45f8d4aa7c
SHA256
0d7621e4679f7badc6c53a41de6bf7ffd41b12eace63a34eeda8672fe24da202
SHA512
d252ada3fdcad5f6e3a983bfccce91ec9cf503451f8d91066b48129a037e65005eed3cea374f436ed6f5c7798b7b50580f39d0d3d8ff336d30786bc2dc2219fe
Static task
static1
Behavioral task
behavioral1
Sample
0d7621e4679f7badc6c53a41de6bf7ffd41b12eace63a34eeda8672fe24da202.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0d7621e4679f7badc6c53a41de6bf7ffd41b12eace63a34eeda8672fe24da202.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
0d7621e4679f7badc6c53a41de6bf7ffd41b12eace63a34eeda8672fe24da202
Score
10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application