General
Target
06eea3d5bf3d97e30071e36cb96bc3bd1486971c2c6fca5fdd9f0d1644a66ccb
Size
176KB
Sample
220212-mkf7sschdj
MD5
6c0e78b957ce03a49a112f4d688d612d
SHA1
101584eea35dea4ab826f78c2e2f4bbd9f6e26a5
SHA256
06eea3d5bf3d97e30071e36cb96bc3bd1486971c2c6fca5fdd9f0d1644a66ccb
SHA512
6d452aedd1283820a8f422f2eba049b54ab3c7b8b99a9afb03028078b2ae91ca002a7b31e1ef73c13500d06537635365069382d1b70ad96306b81bb6941856ad
Static task
static1
Behavioral task
behavioral1
Sample
06eea3d5bf3d97e30071e36cb96bc3bd1486971c2c6fca5fdd9f0d1644a66ccb.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
06eea3d5bf3d97e30071e36cb96bc3bd1486971c2c6fca5fdd9f0d1644a66ccb.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
06eea3d5bf3d97e30071e36cb96bc3bd1486971c2c6fca5fdd9f0d1644a66ccb
Score
10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application