General
-
Target
0acae2f4fdc58e4e89a5ec08bc674e52de33d5cf2e2039f313c472b5126b34dd
-
Size
120KB
-
Sample
220212-k5czrscafq
-
MD5
43d416b54a7bbc7c120254879b308cbb
-
SHA1
1da497ac6116fb330141166c87d49356ff7f688c
-
SHA256
0acae2f4fdc58e4e89a5ec08bc674e52de33d5cf2e2039f313c472b5126b34dd
-
SHA512
2bb63336bf5e8ef0581c73e99605e0eef0fd0c6bcf639283e0395373c75a6503fda201d2a5e058e3259b907f81e0f5149c0cf23a1f0cebb2a2ea7df180bb9535
Static task
static1
Behavioral task
behavioral1
Sample
0acae2f4fdc58e4e89a5ec08bc674e52de33d5cf2e2039f313c472b5126b34dd.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0acae2f4fdc58e4e89a5ec08bc674e52de33d5cf2e2039f313c472b5126b34dd.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
0acae2f4fdc58e4e89a5ec08bc674e52de33d5cf2e2039f313c472b5126b34dd
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-