General
-
Target
0d312c876e0e292ee273c53ff8c74d83d5f40379975e33639208b4e46b4b81bb
-
Size
200KB
-
Sample
220212-jesrvsbbep
-
MD5
a631f4bfb8234a0f5cd5abad15da12d7
-
SHA1
13e39e483ea0bf12bfc7e0dcf43b187b8b920b13
-
SHA256
0d312c876e0e292ee273c53ff8c74d83d5f40379975e33639208b4e46b4b81bb
-
SHA512
60443e260c9448def5ef011e7c13d77c0c160e899cdde241b973fef8960f547c3eac642ad78ea3da2e7a62caac7606f2abd5c60c326cef8248ed11bcd836133f
Static task
static1
Behavioral task
behavioral1
Sample
0d312c876e0e292ee273c53ff8c74d83d5f40379975e33639208b4e46b4b81bb.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0d312c876e0e292ee273c53ff8c74d83d5f40379975e33639208b4e46b4b81bb.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-