General
-
Target
0c9c8010a198d19c9bf7adfba98d4f7dac9c3af37b5e7ce41efe20f89ad7b8f0
-
Size
176KB
-
Sample
220212-jm77hsbcgj
-
MD5
f13f07bc69b3b43494e079d29eb223c2
-
SHA1
8523ea86ddefbd32e6b5e7a189d7edd581ccdafb
-
SHA256
0c9c8010a198d19c9bf7adfba98d4f7dac9c3af37b5e7ce41efe20f89ad7b8f0
-
SHA512
52766d0fbb156817e2b0f5bffbf9c84da553936fb25635971f8a4f2a7b03e1165dc36b53fdd4480f13f34d92ea1b407a3b1a5a627850745e6b3cfd4f54adae35
Static task
static1
Behavioral task
behavioral1
Sample
0c9c8010a198d19c9bf7adfba98d4f7dac9c3af37b5e7ce41efe20f89ad7b8f0.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0c9c8010a198d19c9bf7adfba98d4f7dac9c3af37b5e7ce41efe20f89ad7b8f0.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0c9c8010a198d19c9bf7adfba98d4f7dac9c3af37b5e7ce41efe20f89ad7b8f0
Score 10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-