General
-
Target
0ac4079552ff2bac2b8f36d675bd169d0bb7e9133118968f8acb836494cf045e
-
Size
216KB
-
Sample
220212-k536yscagq
-
MD5
96378c6338ccbadd6c28f23eb637d437
-
SHA1
8a415331a81ecc4fe59a593409d4e968c5947886
-
SHA256
0ac4079552ff2bac2b8f36d675bd169d0bb7e9133118968f8acb836494cf045e
-
SHA512
4923c2512241e70370c85c7bf2c30d2dbc018c797d4b1904e7fc82a1d7e68ad00475cb56f5aaf11672508c47f71ace36518fe69ad92d8184566b3235cf9da024
Static task
static1
Behavioral task
behavioral1
Sample
0ac4079552ff2bac2b8f36d675bd169d0bb7e9133118968f8acb836494cf045e.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0ac4079552ff2bac2b8f36d675bd169d0bb7e9133118968f8acb836494cf045e.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0ac4079552ff2bac2b8f36d675bd169d0bb7e9133118968f8acb836494cf045e
Score: 10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-