General
Target: 0544bb11b76f9ebdb2ed4a0b9f851c310d39061d8a38b86190196cf2f0e74072
Size: 220KB
Sample: 220212-m79smadcal
MD5: 5d35fac9b8f2358dab1db8ab8df6e5c0
SHA1: 2921e160310b827732fde34be365860aca086de7
SHA256: 0544bb11b76f9ebdb2ed4a0b9f851c310d39061d8a38b86190196cf2f0e74072
SHA512: 1d49eac22372775f78fc6e365446e0e97b612b7918efc1469976a470bf40eac5a554867a67714f5dba291e308a28ea7224cad901c2241a0ba0d3da6aa21cabb8
Static task: static1
Behavioral task: behavioral1
Sample: 0544bb11b76f9ebdb2ed4a0b9f851c310d39061d8a38b86190196cf2f0e74072.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0544bb11b76f9ebdb2ed4a0b9f851c310d39061d8a38b86190196cf2f0e74072.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 0544bb11b76f9ebdb2ed4a0b9f851c310d39061d8a38b86190196cf2f0e74072
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application