General
-
Target
05d0d205051d74c73e5c88c78663a7a3b796d91668938aaab02f399a51b63ddb
-
Size
188KB
-
Sample
220212-mz6e8sdbaj
-
MD5
bf2412da2f63eada23ba9e783c4cdd30
-
SHA1
1e4e7e19ad79374006cec1893ad3790452de9175
-
SHA256
05d0d205051d74c73e5c88c78663a7a3b796d91668938aaab02f399a51b63ddb
-
SHA512
26c026f4374ddf690adee32c1c21670fe24955305b00c362f7ce032fc4d81d04a0245dc72c30d3fd51613e60b94b56e661528d34e8bfd12d062efecb05934926
Static task
static1
Behavioral task
behavioral1
Sample
05d0d205051d74c73e5c88c78663a7a3b796d91668938aaab02f399a51b63ddb.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
05d0d205051d74c73e5c88c78663a7a3b796d91668938aaab02f399a51b63ddb.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-