General
Target
051782ba762f8b41c109d1e1edb4c605074a2c3e87e02df3c232c5039e6658c0
Size
89KB
Sample
220212-nac8tsdccq
MD5
31e9aa16fc07d8fbadedae0e8e08710e
SHA1
9d6af53d6a554feb1c07547f812ae922089d4d4d
SHA256
051782ba762f8b41c109d1e1edb4c605074a2c3e87e02df3c232c5039e6658c0
SHA512
3b747a4cd08600c51fc9c34a4a54ad077e2e0910046a0a100cccb3c39fad31818a0a33dfc4cde8e33d48f7ff1853708fd5547b5337b1e5e9470d3250d02590fb
Static task
static1
Behavioral task
behavioral1
Sample
051782ba762f8b41c109d1e1edb4c605074a2c3e87e02df3c232c5039e6658c0.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
051782ba762f8b41c109d1e1edb4c605074a2c3e87e02df3c232c5039e6658c0.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
051782ba762f8b41c109d1e1edb4c605074a2c3e87e02df3c232c5039e6658c0
Score
10/10
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application