General
-
Target
03051e36c2d2e1a937153d5c6690768ed13b7f45480a9cd5c2e46555d613a34e
-
Size
150KB
-
Sample
220212-n3myqsdfgr
-
MD5
0ba3866fb98b35de316e3cb8a8b70b6c
-
SHA1
60c48cf62cb9ae12e52304edb7bc22dbd0136b23
-
SHA256
03051e36c2d2e1a937153d5c6690768ed13b7f45480a9cd5c2e46555d613a34e
-
SHA512
d1d8638f4c4405a95573094bacf998143b2ea174b2fea7544d291604f5595c5c01b5f1f28bbff6713a2cf3ff26e04f1f480e491e59f53640faa73c03c1bd89c1
Static task
static1
Behavioral task
behavioral1
Sample
03051e36c2d2e1a937153d5c6690768ed13b7f45480a9cd5c2e46555d613a34e.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
03051e36c2d2e1a937153d5c6690768ed13b7f45480a9cd5c2e46555d613a34e.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
03051e36c2d2e1a937153d5c6690768ed13b7f45480a9cd5c2e46555d613a34e
-
Size
150KB
-
MD5
0ba3866fb98b35de316e3cb8a8b70b6c
-
SHA1
60c48cf62cb9ae12e52304edb7bc22dbd0136b23
-
SHA256
03051e36c2d2e1a937153d5c6690768ed13b7f45480a9cd5c2e46555d613a34e
-
SHA512
d1d8638f4c4405a95573094bacf998143b2ea174b2fea7544d291604f5595c5c01b5f1f28bbff6713a2cf3ff26e04f1f480e491e59f53640faa73c03c1bd89c1
Score10/10-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-