General
-
Target
051ce959b53ce35cbdf13681c32d6c3f87664ff98b28284a291eae806d992d68
-
Size
150KB
-
Sample
220212-m94z6adccm
-
MD5
6403ba3b359c5dbebc6b065650c5cf80
-
SHA1
46fc70a43c5a33350b1f6e4e8e9c6dfa9af937de
-
SHA256
051ce959b53ce35cbdf13681c32d6c3f87664ff98b28284a291eae806d992d68
-
SHA512
9a36aa8ef37583c7f0d51f76b5aae87796f0dfb03443a00edaf08fb94fb18ea4037c258b19c71197c1518ec0a167a26d5e56867c0bcdbfb84389b1f62522a0ef
Static task
static1
Behavioral task
behavioral1
Sample
051ce959b53ce35cbdf13681c32d6c3f87664ff98b28284a291eae806d992d68.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
051ce959b53ce35cbdf13681c32d6c3f87664ff98b28284a291eae806d992d68.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
051ce959b53ce35cbdf13681c32d6c3f87664ff98b28284a291eae806d992d68
-
Size
150KB
-
MD5
6403ba3b359c5dbebc6b065650c5cf80
-
SHA1
46fc70a43c5a33350b1f6e4e8e9c6dfa9af937de
-
SHA256
051ce959b53ce35cbdf13681c32d6c3f87664ff98b28284a291eae806d992d68
-
SHA512
9a36aa8ef37583c7f0d51f76b5aae87796f0dfb03443a00edaf08fb94fb18ea4037c258b19c71197c1518ec0a167a26d5e56867c0bcdbfb84389b1f62522a0ef
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-