General
-
Target
0880f2f51388fcd48744b4058b6aa44da6568b63bf6688b5a5d22b3e2995653e
-
Size
216KB
-
Sample
220212-lzmsfscedq
-
MD5
f0ecbf17da26cf5892c8a030da0f36e3
-
SHA1
a33cc68b26155449ac815a529743c8edb9e4734b
-
SHA256
0880f2f51388fcd48744b4058b6aa44da6568b63bf6688b5a5d22b3e2995653e
-
SHA512
2c9ac3c202c1ce6a7f4f95c000b8d12e1158b4f9fa625d4b1327ae644d7e28562e9b61de90c66487f5c7010366e4bac7641c9c13f3e761d345e4d6c60e19a7b8
Static task
static1
Behavioral task
behavioral1
Sample
0880f2f51388fcd48744b4058b6aa44da6568b63bf6688b5a5d22b3e2995653e.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0880f2f51388fcd48744b4058b6aa44da6568b63bf6688b5a5d22b3e2995653e.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-