General
-
Target
0324f0c6867297faed5336c38bb44431ea6125a23aa05128dc573744cd9b1dec
-
Size
216KB
-
Sample
220212-n2lz2sdffr
-
MD5
dfeb85a50948b72021dd1e104d769842
-
SHA1
36f3108c77a2688c626c8005c9e5b11090445e39
-
SHA256
0324f0c6867297faed5336c38bb44431ea6125a23aa05128dc573744cd9b1dec
-
SHA512
42d8e1259be3ab2e437b0d3efc57efa2f765cbb3bc12f36c1cb9119e5ecf7711b4a0904830eaa6a7707201cf5bf222b7a2e5edfbde1cf2811667dc8378a4e994
Static task
static1
Behavioral task
behavioral1
Sample
0324f0c6867297faed5336c38bb44431ea6125a23aa05128dc573744cd9b1dec.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0324f0c6867297faed5336c38bb44431ea6125a23aa05128dc573744cd9b1dec.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0324f0c6867297faed5336c38bb44431ea6125a23aa05128dc573744cd9b1dec
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-