General
-
Target
04c341c2a1a0f84b2bd47e75bde7efac560a614c55fc3d224286e11cc783ce96
-
Size
216KB
-
Sample
220212-nd3mwsdcgn
-
MD5
2228f8f2b714af39eef1f137b4c0be56
-
SHA1
4d387d4499df2f7ba4025eac5607602bccde1879
-
SHA256
04c341c2a1a0f84b2bd47e75bde7efac560a614c55fc3d224286e11cc783ce96
-
SHA512
c746ab8319706605eb6243b3825e32ed99c53502ece9516b11d67a1763e1274a09c10315ab9463efd08de6b65d8738123b182da7696ca9eef43cef0e10a0fff9
Static task
static1
Behavioral task
behavioral1
Sample
04c341c2a1a0f84b2bd47e75bde7efac560a614c55fc3d224286e11cc783ce96.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
04c341c2a1a0f84b2bd47e75bde7efac560a614c55fc3d224286e11cc783ce96.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
04c341c2a1a0f84b2bd47e75bde7efac560a614c55fc3d224286e11cc783ce96
Score: 10/10
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-