General
-
Target
0293b23c5ce17c34b0373bddd4f3ff03e9abd2a88816fb4d87eb5a61745af836
-
Size
216KB
-
Sample
220212-n76lmsdgdk
-
MD5
2bd394aef3becbf778964d64663c6201
-
SHA1
147c708e0d1fd203e1db0ab728b08f503777a2e9
-
SHA256
0293b23c5ce17c34b0373bddd4f3ff03e9abd2a88816fb4d87eb5a61745af836
-
SHA512
1acf4a30cff5bfd384b1617188f4ec8191c4c0cb9cfb03423547317abac9e3848ae692f78566bd078b2d9bc17fd5bf5b2b36a4d766c7a0c3411ed7904255299d
Static task
static1
Behavioral task
behavioral1
Sample
0293b23c5ce17c34b0373bddd4f3ff03e9abd2a88816fb4d87eb5a61745af836.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0293b23c5ce17c34b0373bddd4f3ff03e9abd2a88816fb4d87eb5a61745af836.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
0293b23c5ce17c34b0373bddd4f3ff03e9abd2a88816fb4d87eb5a61745af836
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-