General
-
Target
0d2715efc8cdb25925e7d7d1f58514f0b62f999100fe892793c0e4e83c620a30
-
Size
89KB
-
Sample
220212-jfdpbsbbfq
-
MD5
573c7955eecf5030dc9ca385f1927a32
-
SHA1
f29e8d30a126b197ac0c8185ec0e3c21e18a7039
-
SHA256
0d2715efc8cdb25925e7d7d1f58514f0b62f999100fe892793c0e4e83c620a30
-
SHA512
d2307a62b2cfcb6d957817ce7b91011ec3e62da2b1919ad54f2f59c8f4e45c486362e8b5f342c1ce8c9dd4d34047e25d1d679f6f13f4797c5f2491adac69e51c
Static task
static1
Behavioral task
behavioral1
Sample
0d2715efc8cdb25925e7d7d1f58514f0b62f999100fe892793c0e4e83c620a30.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0d2715efc8cdb25925e7d7d1f58514f0b62f999100fe892793c0e4e83c620a30.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0d2715efc8cdb25925e7d7d1f58514f0b62f999100fe892793c0e4e83c620a30
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-