General
Target: 0aa884ddaf7e200c7bef43588a10b5cd94776c8e9150951c145e0637268db28c
Size: 216KB
Sample: 220212-k7qnmscbam
MD5: 78bcbd824ac1c2fa6e98c9b30a1a2d57
SHA1: 3abf919575f650c393c78de93b4c6bd1b7098c21
SHA256: 0aa884ddaf7e200c7bef43588a10b5cd94776c8e9150951c145e0637268db28c
SHA512: 92860e216d952ba551f9dba8ecd7db92bd025434b69fb9efe9e7645e1eb44f49587173dadf27375694e21084221e552ce9ec233c25df5d21a7717881aab0ac42
Static task: static1
Behavioral task: behavioral1
Sample: 0aa884ddaf7e200c7bef43588a10b5cd94776c8e9150951c145e0637268db28c.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0aa884ddaf7e200c7bef43588a10b5cd94776c8e9150951c145e0637268db28c.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 0aa884ddaf7e200c7bef43588a10b5cd94776c8e9150951c145e0637268db28c
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application