General
-
Target
0b08da90ab99d11eea7a89f4b1795fcf5d8bcfd94f78567691f02d340d66b156
-
Size
89KB
-
Sample
220212-kcdetsbffk
-
MD5
b58c662a8afab003f8bb63a6130f5e01
-
SHA1
0f1f3dc2fa55fa43ae44874c0be76ab009da22a0
-
SHA256
0b08da90ab99d11eea7a89f4b1795fcf5d8bcfd94f78567691f02d340d66b156
-
SHA512
2ae0047252326605303aac169d5fd4c3bc8db990c547e8f319aeb64ead86ab384a2cb6ee31010942a66b82b1acf0b3733f5ff3e1c0f678e7759d1c0ce2bc8e04
Static task
static1
Behavioral task
behavioral1
Sample
0b08da90ab99d11eea7a89f4b1795fcf5d8bcfd94f78567691f02d340d66b156.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0b08da90ab99d11eea7a89f4b1795fcf5d8bcfd94f78567691f02d340d66b156.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0b08da90ab99d11eea7a89f4b1795fcf5d8bcfd94f78567691f02d340d66b156
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-