General
-
Target
0c886d16d4625c4356aa086992676aaadf2c038661280ac0eac1b85881513f6f
-
Size
176KB
-
Sample
220212-jpsjvabchq
-
MD5
b11ee71e76eba5c974d677e45a899268
-
SHA1
c15bbbe804c434a5f7f4af888198c6f7a6260740
-
SHA256
0c886d16d4625c4356aa086992676aaadf2c038661280ac0eac1b85881513f6f
-
SHA512
e4db3e8a80d5ccec48fc9cd6bef688ec84694faafa3b336f509ac54ce6cd4f4bf30974909a25f27fa879d4e53c14a112733d1f35b0a4c2fafa32d529d1b557ee
Static task
static1
Behavioral task
behavioral1
Sample
0c886d16d4625c4356aa086992676aaadf2c038661280ac0eac1b85881513f6f.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0c886d16d4625c4356aa086992676aaadf2c038661280ac0eac1b85881513f6f.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-