General
Target: 03e05ab950b341677b795647ea6dd99e1cac32dc0ca38d2dd83343d526dba05c
Size: 150KB
Sample: 220212-nrxnssdeej
MD5: 504182fc577ef509bdf7d3438dc4845f
SHA1: d69dcf96bfc0fc88a77035459d5659a4a2100734
SHA256: 03e05ab950b341677b795647ea6dd99e1cac32dc0ca38d2dd83343d526dba05c
SHA512: 1f88aff8a5bcf43364a1d2d2ffd41348efaa0f96a43bb55444528bf80575c3e33a352dfdc041e6d38f827263daa1439d60ab7e9d4e68e96543a3bd764c7ee63b
Static task: static1
Behavioral task: behavioral1
Sample: 03e05ab950b341677b795647ea6dd99e1cac32dc0ca38d2dd83343d526dba05c.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 03e05ab950b341677b795647ea6dd99e1cac32dc0ca38d2dd83343d526dba05c.exe
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 03e05ab950b341677b795647ea6dd99e1cac32dc0ca38d2dd83343d526dba05c
Score: 10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application