General
-
Target
0ca3e2c88c0f82410b92b498fc9bdc9d499ac8737b7673bf34724421841ce9e1
-
Size
212KB
-
Sample
220212-jmdynsbcen
-
MD5
4f555d008896698e15f7d99963c63382
-
SHA1
397fd99d2fb6f0159e84ca394526dd1ff2e1d4c4
-
SHA256
0ca3e2c88c0f82410b92b498fc9bdc9d499ac8737b7673bf34724421841ce9e1
-
SHA512
879319ea6a5ee001b8404b004d3494f33a9621dc5d24b1f2c41e000657205695b643dc528201fcfade2d5773f7d964edcb492177317ea8fe13a936c0da6a8a4e
Behavioral task
behavioral1
Sample
0ca3e2c88c0f82410b92b498fc9bdc9d499ac8737b7673bf34724421841ce9e1.exe
Resource
win7-en-20211208
Malware Config
Targets
-
-
Target
0ca3e2c88c0f82410b92b498fc9bdc9d499ac8737b7673bf34724421841ce9e1
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-