General
-
Target
04aecaa6bd2909c7cc700f0e0b6eb922d227b00409fd4cec9e3f54c49454342a
-
Size
150KB
-
Sample
220212-ne4xcadchp
-
MD5
888e8e23f8091cb237feb652bc8652a0
-
SHA1
8cfde56bdb72810ea21cbbf21654faa745a8208d
-
SHA256
04aecaa6bd2909c7cc700f0e0b6eb922d227b00409fd4cec9e3f54c49454342a
-
SHA512
03e9153e17fef008304ebcf207ece03d128e5c250eb2b3980f74e3a26635edd90388884397ea14487173050e1129ba4d3bc26954ea799e8585fd955ec6717ff7
Static task
static1
Behavioral task
behavioral1
Sample
04aecaa6bd2909c7cc700f0e0b6eb922d227b00409fd4cec9e3f54c49454342a.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
04aecaa6bd2909c7cc700f0e0b6eb922d227b00409fd4cec9e3f54c49454342a.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
Target
04aecaa6bd2909c7cc700f0e0b6eb922d227b00409fd4cec9e3f54c49454342a
Score
10/10
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-