General
Target: 0c8ce9a6b904243f00ba6138c812ebe027c471e72c3aa963a79d940fb749e131
Size: 216KB
Sample: 220212-jpggksbchl
MD5: 71f1b11c3a87ad7df83dbb52840ea6ef
SHA1: bca6fd8a5b68827bc819be903ad194e1288328c6
SHA256: 0c8ce9a6b904243f00ba6138c812ebe027c471e72c3aa963a79d940fb749e131
SHA512: 3d2c49142d5d8cd07e26d385f05b8b90312af39378d7876a302be8ea470f41f002b406c418a90c1ed57ccded31795a0594c00abec53c233363cbbdac9e64b885
Static task: static1
Behavioral task: behavioral1
Sample: 0c8ce9a6b904243f00ba6138c812ebe027c471e72c3aa963a79d940fb749e131.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0c8ce9a6b904243f00ba6138c812ebe027c471e72c3aa963a79d940fb749e131.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target
0c8ce9a6b904243f00ba6138c812ebe027c471e72c3aa963a79d940fb749e131
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application