General
-
Target
0c3ef2adbf2d21a06b2f25e31d931b873c7cd74a3ef5c5a45c8dea949cbf13be
-
Size
89KB
-
Sample
220212-jser6abdcr
-
MD5
c662e2643b55aeba6f471a413b7819c8
-
SHA1
bb6b8ae2a2f4aab1e5d85183fc49ea9e52e677e9
-
SHA256
0c3ef2adbf2d21a06b2f25e31d931b873c7cd74a3ef5c5a45c8dea949cbf13be
-
SHA512
dd9fd67feb472adaa528123ddca323f6c1dfe0382de4cf3a3f0827512177d92cec193421bd7923d1cec212ce4415bf368392b0e787b250ad34788793aa9b11a8
Static task
static1
Behavioral task
behavioral1
Sample
0c3ef2adbf2d21a06b2f25e31d931b873c7cd74a3ef5c5a45c8dea949cbf13be.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0c3ef2adbf2d21a06b2f25e31d931b873c7cd74a3ef5c5a45c8dea949cbf13be.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0c3ef2adbf2d21a06b2f25e31d931b873c7cd74a3ef5c5a45c8dea949cbf13be
-
Size
89KB
-
MD5
c662e2643b55aeba6f471a413b7819c8
-
SHA1
bb6b8ae2a2f4aab1e5d85183fc49ea9e52e677e9
-
SHA256
0c3ef2adbf2d21a06b2f25e31d931b873c7cd74a3ef5c5a45c8dea949cbf13be
-
SHA512
dd9fd67feb472adaa528123ddca323f6c1dfe0382de4cf3a3f0827512177d92cec193421bd7923d1cec212ce4415bf368392b0e787b250ad34788793aa9b11a8
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-