General
-
Target
0514763d49c6070d408b6e80cad6e5c264a24b44471977305301eeb8dec4831a
-
Size
188KB
-
Sample
220212-namghadcdj
-
MD5
bfd2124caa36df62e3fe57ca21f36e8e
-
SHA1
37b2b42a4a072dc47ff3968e021d59e5e02c704d
-
SHA256
0514763d49c6070d408b6e80cad6e5c264a24b44471977305301eeb8dec4831a
-
SHA512
f9ce3cfb028a8b9921bccbccb570869ce1da9baab07fc546e2d8a1e97763bd6cc1ab891a53b223da0518e0b168451c8456fd6775da9b9e693f400d7747a88397
Static task
static1
Behavioral task
behavioral1
Sample
0514763d49c6070d408b6e80cad6e5c264a24b44471977305301eeb8dec4831a.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0514763d49c6070d408b6e80cad6e5c264a24b44471977305301eeb8dec4831a.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-