General
-
Target
07dbf5e146a03658013bb0e134487e57980a06f454f514656b7db62d0d6554f4
-
Size
92KB
-
Sample
220212-l8l8aacfel
-
MD5
3a0d5798c87d3457affbcf8b708eeb22
-
SHA1
a1811632819582871292fbcb2d014234cd64f863
-
SHA256
07dbf5e146a03658013bb0e134487e57980a06f454f514656b7db62d0d6554f4
-
SHA512
eeaa5364c5ceecc8d68fef9181bec3b380371e279a2210c4673066332c761b3c2c9d06d9b87afbe9b4db96c3380bd8d395dbe4928d5f20398ab61d61a317916d
Static task
static1
Behavioral task
behavioral1
Sample
07dbf5e146a03658013bb0e134487e57980a06f454f514656b7db62d0d6554f4.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
07dbf5e146a03658013bb0e134487e57980a06f454f514656b7db62d0d6554f4.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
07dbf5e146a03658013bb0e134487e57980a06f454f514656b7db62d0d6554f4
Score
10/10
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-