General
-
Target
04b7ee50efb6df99bfa901e441936fde884c9775114e2a04d3a55bca6e103ca6
-
Size
216KB
-
Sample
220212-ner8jsdchm
-
MD5
d191771dc9c68ed67ebb4be79baa5bb2
-
SHA1
1baf53bc0ab829f21e1e00224363c70b80aa545d
-
SHA256
04b7ee50efb6df99bfa901e441936fde884c9775114e2a04d3a55bca6e103ca6
-
SHA512
1b390ffccfb9d550d0598d4e98977094234cdac9a78df8b8bec4af4919f96d475754f77a58fb4b62ac276b0005160ea36270f5200e6d8fe662cd90172e0c9b1e
Static task
static1
Behavioral task
behavioral1
Sample
04b7ee50efb6df99bfa901e441936fde884c9775114e2a04d3a55bca6e103ca6.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
04b7ee50efb6df99bfa901e441936fde884c9775114e2a04d3a55bca6e103ca6.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
04b7ee50efb6df99bfa901e441936fde884c9775114e2a04d3a55bca6e103ca6
Score
10/10
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application