General
-
Target
04ba6eee70f259584a2cfd1b96d523653043dae8b5a899673008f141581bb991
-
Size
216KB
-
Sample
220212-nektgadchk
-
MD5
6676eeb49cb02301ae88ab3ccce4e1d1
-
SHA1
8d409d071ed50ba8835916311ff1fe872c734325
-
SHA256
04ba6eee70f259584a2cfd1b96d523653043dae8b5a899673008f141581bb991
-
SHA512
1b1328e8ed710a24c8f878352c72f408f1c450b6a88b966531e6f1035d57276e1ed0e552971fa55aa9bacfea2561130003d9760e0f322a2e5aee1bacb547461a
Static task
static1
Behavioral task
behavioral1
Sample
04ba6eee70f259584a2cfd1b96d523653043dae8b5a899673008f141581bb991.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
04ba6eee70f259584a2cfd1b96d523653043dae8b5a899673008f141581bb991.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
04ba6eee70f259584a2cfd1b96d523653043dae8b5a899673008f141581bb991
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-