General
Target: 0cc9c77be7b46d0d4d89befe93e05e13fabbf2253d8200dbddaeef50f5dadf2a
Size: 216KB
Sample: 220212-jj9aeabcbq
MD5: 0bc448fb3c28f459888ada79228b7d38
SHA1: 9384e92cdee4288d6ec59cbb9bafa35a884d6c9b
SHA256: 0cc9c77be7b46d0d4d89befe93e05e13fabbf2253d8200dbddaeef50f5dadf2a
SHA512: e1a2d58fdfbe62762fabda75dd72535cb4deff74fb490cf17c8ddca3da586b40f58ee2019bd1fc624a2fe15625819c135cee25d3ddfe24ce13077282eeb0e2de
Static task: static1
Behavioral task: behavioral1
  Sample: 0cc9c77be7b46d0d4d89befe93e05e13fabbf2253d8200dbddaeef50f5dadf2a.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 0cc9c77be7b46d0d4d89befe93e05e13fabbf2253d8200dbddaeef50f5dadf2a.exe
  Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10

Sakula Payload

suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1

Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Deletes itself

Loads dropped DLL

Adds Run key to start application