General
-
Target
059ba058df0e6f2a70bea99a254faa13621e7335103ea806f2e9efde0e03c949
-
Size
216KB
-
Sample
220212-m3rfgsdbdj
-
MD5
e78b7322cd18724a50ab5b8a2ddd0886
-
SHA1
43447243c511235028d38285b65d3c7e02e740b9
-
SHA256
059ba058df0e6f2a70bea99a254faa13621e7335103ea806f2e9efde0e03c949
-
SHA512
abdb2dba403e2154800f18f9448e62e285ee509bcfca591c167fd663f7f40848981a34c97e335b81a4937af5e3fb4485a4f82aa33ea5a808ff2bddd63191131f
Behavioral task
behavioral1
Sample
059ba058df0e6f2a70bea99a254faa13621e7335103ea806f2e9efde0e03c949.exe
Resource
win7-en-20211208
Malware Config
Targets
-
-
Target
059ba058df0e6f2a70bea99a254faa13621e7335103ea806f2e9efde0e03c949
-
Size
216KB
-
MD5
e78b7322cd18724a50ab5b8a2ddd0886
-
SHA1
43447243c511235028d38285b65d3c7e02e740b9
-
SHA256
059ba058df0e6f2a70bea99a254faa13621e7335103ea806f2e9efde0e03c949
-
SHA512
abdb2dba403e2154800f18f9448e62e285ee509bcfca591c167fd663f7f40848981a34c97e335b81a4937af5e3fb4485a4f82aa33ea5a808ff2bddd63191131f
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-