General
-
Target
02ed4b2f48717bd13ea292e73713ea447844b59599f66550fb71cb0dbd4393f2
-
Size
176KB
-
Sample
220212-n4d28adfhm
-
MD5
b1a1d76e1f906168dd78b554ebc3b6e7
-
SHA1
56ed211105a98bb5e1fea24dda9f791c806a0911
-
SHA256
02ed4b2f48717bd13ea292e73713ea447844b59599f66550fb71cb0dbd4393f2
-
SHA512
248f1e9e3dee3e5f4d88bfdd16cd1136981877d7dc58d5b33976db548236749419b69242dff0c6e73bf5059b8224c8c5d332a4ae7cc707f78447cace610d02b8
Static task
static1
Behavioral task
behavioral1
Sample
02ed4b2f48717bd13ea292e73713ea447844b59599f66550fb71cb0dbd4393f2.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
02ed4b2f48717bd13ea292e73713ea447844b59599f66550fb71cb0dbd4393f2.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
02ed4b2f48717bd13ea292e73713ea447844b59599f66550fb71cb0dbd4393f2
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-