General
-
Target
09aa9dfb6a2e5f7047ace0481ebf98f093cf4f7fe9084be13cae1f14eb12db06
-
Size
168KB
-
Sample
220212-ljyj1sccdq
-
MD5
a3268351f79fe4d9ef0d092852b799b0
-
SHA1
d131c1cc38f0a58116caa33b6cd463682fa53c82
-
SHA256
09aa9dfb6a2e5f7047ace0481ebf98f093cf4f7fe9084be13cae1f14eb12db06
-
SHA512
c6e294c1ff0767388bfc10739e92751b2613e8bc60aead42c52c127e280e5a97b77c96552753c4e9063c4d952077e69ad7197cd345e04abd1bfbeec29ad9583d
Static task
static1
Behavioral task
behavioral1
Sample
09aa9dfb6a2e5f7047ace0481ebf98f093cf4f7fe9084be13cae1f14eb12db06.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
09aa9dfb6a2e5f7047ace0481ebf98f093cf4f7fe9084be13cae1f14eb12db06.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
Target
09aa9dfb6a2e5f7047ace0481ebf98f093cf4f7fe9084be13cae1f14eb12db06
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-