General
-
Target
08a00f1a183d08bcdb7fdf29656398b5037a20d339eed5a87872c11c5f6ad936
-
Size
176KB
-
Sample
220212-lxnlzacear
-
MD5
4a19fc6894f3fac91db92d68b5b7e0f3
-
SHA1
5ae1166f91fc5b05b5d0088eed260ad259d91c28
-
SHA256
08a00f1a183d08bcdb7fdf29656398b5037a20d339eed5a87872c11c5f6ad936
-
SHA512
d52b04aee8c6c971e2355990856d25e3895202f2938115e0fd781ba01c5558e87a6ca99220d37fc1d01c4c3a1a05e44f1849e7f0d4c53b49444d73da98e294ab
Static task
static1
Behavioral task
behavioral1
Sample
08a00f1a183d08bcdb7fdf29656398b5037a20d339eed5a87872c11c5f6ad936.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
08a00f1a183d08bcdb7fdf29656398b5037a20d339eed5a87872c11c5f6ad936.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
08a00f1a183d08bcdb7fdf29656398b5037a20d339eed5a87872c11c5f6ad936
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-