General
Target: 056e0b9b1fa34942b86c4f7ce9dab9a595e2b0e7be82e9e55d2d6794ba6d26f2
Size: 216KB
Sample: 220212-m52n8sdbfr
MD5: 8d7982fbb725a298e380c44c92ce29a3
SHA1: 9c7b625a253fa851539110c39c97a1c7f873bb51
SHA256: 056e0b9b1fa34942b86c4f7ce9dab9a595e2b0e7be82e9e55d2d6794ba6d26f2
SHA512: d3b8ee7a1cfe71c36e58398bdbe2c36f8b3b64d93a792b0c13b00eec3dd1a2d089f940ce68cf0cda6323dfd7fd8b112ba0fc96c37e53c1ce12d59985a2d95973
Static task: static1
Behavioral task: behavioral1
Sample: 056e0b9b1fa34942b86c4f7ce9dab9a595e2b0e7be82e9e55d2d6794ba6d26f2.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 056e0b9b1fa34942b86c4f7ce9dab9a595e2b0e7be82e9e55d2d6794ba6d26f2.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 056e0b9b1fa34942b86c4f7ce9dab9a595e2b0e7be82e9e55d2d6794ba6d26f2
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application