General
Target: 0442fd04f0dc2dceecf8b97687f22867a94d71b49f49fa3a0af3d72c688fa9e6
Size: 176KB
Sample: 220212-nl1s9sddgl
MD5: d81712621366d35c3840dc00c438977e
SHA1: 07d2c810d49a729a442a3f22bc8651a83b45d9ff
SHA256: 0442fd04f0dc2dceecf8b97687f22867a94d71b49f49fa3a0af3d72c688fa9e6
SHA512: f36e06ccad4eda8a09a3b2964ad0a05b80951ac6c5062bf8e0c0d48bac8b7e3d24ca5780ba4521e219f32799fc789ad7a5a1f5becc980dc35de319e9fb520fc7
Static task: static1
Behavioral task: behavioral1
Sample: 0442fd04f0dc2dceecf8b97687f22867a94d71b49f49fa3a0af3d72c688fa9e6.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 0442fd04f0dc2dceecf8b97687f22867a94d71b49f49fa3a0af3d72c688fa9e6.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 0442fd04f0dc2dceecf8b97687f22867a94d71b49f49fa3a0af3d72c688fa9e6
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application