General
Target: 0a536b7d873675a88767c2b1f753f88e75b2e8781cd2e5f84b6f3f2d6f23b9d8
Size: 216KB
Sample: 220212-lbef6scbfj
MD5: 1392fc9a060dca561f1c8cbff67c00fd
SHA1: f378d131149f7fb077027138ddd079c9d9d8ecc5
SHA256: 0a536b7d873675a88767c2b1f753f88e75b2e8781cd2e5f84b6f3f2d6f23b9d8
SHA512: 6d34a270ac09452376a36991bac66bff49ac2811d608fd9a5107a14f33cd3fa077b8dd0be5a9bf7838d57c0313c1578dffba05c9a89bf7921e213f11529f5bf4
Static task: static1
Behavioral task: behavioral1
Sample: 0a536b7d873675a88767c2b1f753f88e75b2e8781cd2e5f84b6f3f2d6f23b9d8.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0a536b7d873675a88767c2b1f753f88e75b2e8781cd2e5f84b6f3f2d6f23b9d8.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application