General
Target
0a6a28e2e8ab57a5f3abf2544b869aa453988f4a96e2533f8aa919f6b09efe2b
Size
216KB
Sample
220212-lahgfacbdn
MD5
4e1e391b40cf61b65c981479577927be
SHA1
f199b4307989649705822df63afda1255e003fbb
SHA256
0a6a28e2e8ab57a5f3abf2544b869aa453988f4a96e2533f8aa919f6b09efe2b
SHA512
6d0f1a00a7f1e142b4608edbea65c1d8cbdd17245a98250d7678038e8f2f83645d320ccebbb6e7d69a7832315899431ef8a92088ba939acdd67a1dcbf3347f82
Static task
static1
Behavioral task
behavioral1
Sample
0a6a28e2e8ab57a5f3abf2544b869aa453988f4a96e2533f8aa919f6b09efe2b.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0a6a28e2e8ab57a5f3abf2544b869aa453988f4a96e2533f8aa919f6b09efe2b.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
0a6a28e2e8ab57a5f3abf2544b869aa453988f4a96e2533f8aa919f6b09efe2b
Score
10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application