General
Target: 0c00a838a7dd63423d53d6fdce91ec4d527c8000587c21b9d1d7b8d959b98da9
Size: 92KB
Sample: 220212-jv5flabdgk
MD5: ea45561fdfc9b2e5d1cd355885937760
SHA1: d13d18dc1d2a577c2e2cf025e39548f69bccd94f
SHA256: 0c00a838a7dd63423d53d6fdce91ec4d527c8000587c21b9d1d7b8d959b98da9
SHA512: 5f8b38d2aae19ba36e90e8533d18b1d080a47b83aa2f222b73ac7f04a7cb9761fee976e29c58ca6ac7c7905bb1579773816a5174848abaf6058286adeea14b66
Static task: static1
Behavioral task: behavioral1
Sample: 0c00a838a7dd63423d53d6fdce91ec4d527c8000587c21b9d1d7b8d959b98da9.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0c00a838a7dd63423d53d6fdce91ec4d527c8000587c21b9d1d7b8d959b98da9.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 0c00a838a7dd63423d53d6fdce91ec4d527c8000587c21b9d1d7b8d959b98da9
Score: 10/10

Sakula Payload

suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1

Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Deletes itself

Loads dropped DLL

Adds Run key to start application