General
-
Target
099c8dee19f5d24a9357d25727ae8977233cc1755a4293dcc5bfc92d04d46390
-
Size
150KB
-
Sample
220212-lj74fsccek
-
MD5
38f61730148180d53abcb15c1f7d0a3a
-
SHA1
4fbcf95203134e74d658184c6fd627f13e1607ed
-
SHA256
099c8dee19f5d24a9357d25727ae8977233cc1755a4293dcc5bfc92d04d46390
-
SHA512
9f6d38c317fec47e2bca9cca8cc0df66476f71113853d3961e82201acd11a4c6f296d68f493992d2fa6ba2e7b8703de06b64b208a9de09d100d2a59d49d9c2cc
Static task
static1
Behavioral task
behavioral1
Sample
099c8dee19f5d24a9357d25727ae8977233cc1755a4293dcc5bfc92d04d46390.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
099c8dee19f5d24a9357d25727ae8977233cc1755a4293dcc5bfc92d04d46390.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
099c8dee19f5d24a9357d25727ae8977233cc1755a4293dcc5bfc92d04d46390
-
Size
150KB
-
MD5
38f61730148180d53abcb15c1f7d0a3a
-
SHA1
4fbcf95203134e74d658184c6fd627f13e1607ed
-
SHA256
099c8dee19f5d24a9357d25727ae8977233cc1755a4293dcc5bfc92d04d46390
-
SHA512
9f6d38c317fec47e2bca9cca8cc0df66476f71113853d3961e82201acd11a4c6f296d68f493992d2fa6ba2e7b8703de06b64b208a9de09d100d2a59d49d9c2cc
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-