General
-
Target
09cb2cdc7ef74e6fdc62ebdcfef6553307772353327068b796c407b521f0ef5a
-
Size
150KB
-
Sample
220212-lhcwxscccp
-
MD5
f5641633208327ce7c3d8f1be3f86f30
-
SHA1
22bfcce9f617d6b985d16f93bdbee764872fe869
-
SHA256
09cb2cdc7ef74e6fdc62ebdcfef6553307772353327068b796c407b521f0ef5a
-
SHA512
c883533e5579d6c1497bee984e2fea02129e5998f1222b1e334782d73dabc24829d17fd67858c5572a38b01ea79445e6609a6369bc222af18f7a41fe2e252e6e
Static task
static1
Behavioral task
behavioral1
Sample
09cb2cdc7ef74e6fdc62ebdcfef6553307772353327068b796c407b521f0ef5a.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
09cb2cdc7ef74e6fdc62ebdcfef6553307772353327068b796c407b521f0ef5a.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
09cb2cdc7ef74e6fdc62ebdcfef6553307772353327068b796c407b521f0ef5a
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-