General
-
Target
06a972ee6ab4e6381dc2e33aaba31a167495acb35a57ec0b41cc8dca433016e9
-
Size
216KB
-
Sample
220212-mpe6aschgn
-
MD5
4427f94c861db7371e8e896309ed23d7
-
SHA1
2877c1e2bffdaca313039664e807ef8933607426
-
SHA256
06a972ee6ab4e6381dc2e33aaba31a167495acb35a57ec0b41cc8dca433016e9
-
SHA512
34f833d3195ac2375406664f16eac2ddcd846bcb36825ef4d0682c8b596d783713ac0166515deea95a3dd85c85a68a0eb75ad84f8313f086693f42193adeac69
Static task
static1
Behavioral task
behavioral1
Sample
06a972ee6ab4e6381dc2e33aaba31a167495acb35a57ec0b41cc8dca433016e9.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
06a972ee6ab4e6381dc2e33aaba31a167495acb35a57ec0b41cc8dca433016e9.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
06a972ee6ab4e6381dc2e33aaba31a167495acb35a57ec0b41cc8dca433016e9
Score
10/10
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-