General
-
Target
088d4b7100e872bccddde13c9d8fd037836e5b89c7b747e66667d545f0370ee2
-
Size
188KB
-
Sample
220212-lypknacebq
-
MD5
d7be0f23da1dcc36b16b390de4629e1d
-
SHA1
d5364272570001e25d3cb5c817150c9ac1a10bca
-
SHA256
088d4b7100e872bccddde13c9d8fd037836e5b89c7b747e66667d545f0370ee2
-
SHA512
63330a8b0a77dd191ff1ff3b5274b9c3521760cafdb01e85622b642d364cd39b52ea5e68738dfa703464e312afe2a9d42bfb89674066491245f69fbc56c6e284
Static task
static1
Behavioral task
behavioral1
Sample
088d4b7100e872bccddde13c9d8fd037836e5b89c7b747e66667d545f0370ee2.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
088d4b7100e872bccddde13c9d8fd037836e5b89c7b747e66667d545f0370ee2.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
088d4b7100e872bccddde13c9d8fd037836e5b89c7b747e66667d545f0370ee2
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-