General
-
Target
0b08126ffaeaed0947de145124b115de47670ecb90b1fff856db0142c6979a81
-
Size
216KB
-
Sample
220212-kcfvysbffl
-
MD5
dc357d6894e10dd05afa94c04caad009
-
SHA1
907985a922d4cb66b60fcf7934b60e7d2b99a3e0
-
SHA256
0b08126ffaeaed0947de145124b115de47670ecb90b1fff856db0142c6979a81
-
SHA512
cb0997745527b0ca4220e9312ff08229fdcd958e24c6744d46a712f66e67c6e86f0e9cf7a90dd1ae62aff824427ccd4aab24ad03ff145c3ee4b9adc740b9f6c6
Static task
static1
Behavioral task
behavioral1
Sample
0b08126ffaeaed0947de145124b115de47670ecb90b1fff856db0142c6979a81.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0b08126ffaeaed0947de145124b115de47670ecb90b1fff856db0142c6979a81.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-