General
-
Target
0a0f8cd645d0466a10955740a7bb0d1b3b591e632b6a9422e32884e1bf0dea1f
-
Size
216KB
-
Sample
220212-levbsscbhm
-
MD5
a18c204062821f34000e17b09b8f2810
-
SHA1
bdce1a00d1fefc55591a3783e5c087d53b248577
-
SHA256
0a0f8cd645d0466a10955740a7bb0d1b3b591e632b6a9422e32884e1bf0dea1f
-
SHA512
4a70ebb4ad1144c14596369536f6f16937b43f84277208572f5e07aadf5c444606b9ef578700a17a7bfd892ebb24f5fa0ecc6be929804f5e9b025b134cd8e8d1
Static task
static1
Behavioral task
behavioral1
Sample
0a0f8cd645d0466a10955740a7bb0d1b3b591e632b6a9422e32884e1bf0dea1f.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0a0f8cd645d0466a10955740a7bb0d1b3b591e632b6a9422e32884e1bf0dea1f.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
0a0f8cd645d0466a10955740a7bb0d1b3b591e632b6a9422e32884e1bf0dea1f
-
Size
216KB
-
MD5
a18c204062821f34000e17b09b8f2810
-
SHA1
bdce1a00d1fefc55591a3783e5c087d53b248577
-
SHA256
0a0f8cd645d0466a10955740a7bb0d1b3b591e632b6a9422e32884e1bf0dea1f
-
SHA512
4a70ebb4ad1144c14596369536f6f16937b43f84277208572f5e07aadf5c444606b9ef578700a17a7bfd892ebb24f5fa0ecc6be929804f5e9b025b134cd8e8d1
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-