General
-
Target
072fd3a9759dbdd758c1643a3073d1cc18fd52c0fe457311f2f0821cb45b6ec0
-
Size
176KB
-
Sample
220212-mgsfnacgfl
-
MD5
e47cb8fe1268e2ec285770891c43161e
-
SHA1
8480de4ee4563b342863dcd3a294f706f8edd283
-
SHA256
072fd3a9759dbdd758c1643a3073d1cc18fd52c0fe457311f2f0821cb45b6ec0
-
SHA512
a4a47c8bd4b1d2ca3be31f58577ecd0337bbaa968e9402b53e528fbc59336977a1d10558131b89bd17d1f71f9419867d7b03408200de1ab41852f96d247930fa
Static task
static1
Behavioral task
behavioral1
Sample
072fd3a9759dbdd758c1643a3073d1cc18fd52c0fe457311f2f0821cb45b6ec0.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
072fd3a9759dbdd758c1643a3073d1cc18fd52c0fe457311f2f0821cb45b6ec0.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-