General
Target: 0aabb8923e97ce4256eff1305abb979be36923f83f94765ee28584035e2629cb
Size: 92KB
Sample: 220212-k7h9kacbak
MD5: ba2ed1ae0d602dde340cbd16d1f8de85
SHA1: 5c675e54b0efaf6dc4d20f8e1acf337ffebce196
SHA256: 0aabb8923e97ce4256eff1305abb979be36923f83f94765ee28584035e2629cb
SHA512: bd53de3528ff31f1351655712c51b757dd8029ddbe415f247dc65827c8456ee3404c9bf3db37c721381bdc428db8c517aa3b30bd4624eb8d2d789665227cec90
Static task: static1
Behavioral task: behavioral1
Sample: 0aabb8923e97ce4256eff1305abb979be36923f83f94765ee28584035e2629cb.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0aabb8923e97ce4256eff1305abb979be36923f83f94765ee28584035e2629cb.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Score: 10/10
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-