General
-
Target
0435f1cbbae0ceddb656cfccf80ac2847a2af083376bf6f0d5bff0ceb6030d3d
-
Size
216KB
-
Sample
220212-nmk47sddhj
-
MD5
83bf2fbc4432622355df91491c51e197
-
SHA1
33cd5b9c6076e049faf40c3b8f3871813335cf54
-
SHA256
0435f1cbbae0ceddb656cfccf80ac2847a2af083376bf6f0d5bff0ceb6030d3d
-
SHA512
54523d5c78a0ed5f2c77c3904114890bf80e19a301b3e264862a70f1afa47662655defec157eb27759a9ec196b016f2eacdc160948cef610ee22cb708f430657
Static task
static1
Behavioral task
behavioral1
Sample
0435f1cbbae0ceddb656cfccf80ac2847a2af083376bf6f0d5bff0ceb6030d3d.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0435f1cbbae0ceddb656cfccf80ac2847a2af083376bf6f0d5bff0ceb6030d3d.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
0435f1cbbae0ceddb656cfccf80ac2847a2af083376bf6f0d5bff0ceb6030d3d
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-