General
-
Target
0014b8fda8d2a6a56ebbf31bc3b6981773a2a8caaca1c43c96cb5d7a61c152c6
-
Size
216KB
-
Sample
220212-p4sq2seccr
-
MD5
8796c8b7451ef9e6782fcfc56ba58779
-
SHA1
8356ba2ac2d274af19816665bd1c6fe85bb3e7f6
-
SHA256
0014b8fda8d2a6a56ebbf31bc3b6981773a2a8caaca1c43c96cb5d7a61c152c6
-
SHA512
b989e4d892bcadea2c80bdc54059708a70a6b4ce775d26b09fb8db9b556951b8aeb1d19f5ade3cf620292d75ba8044dc9e062aeb64d636d90eedf9bcb3679b48
Static task
static1
Behavioral task
behavioral1
Sample
0014b8fda8d2a6a56ebbf31bc3b6981773a2a8caaca1c43c96cb5d7a61c152c6.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0014b8fda8d2a6a56ebbf31bc3b6981773a2a8caaca1c43c96cb5d7a61c152c6.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
0014b8fda8d2a6a56ebbf31bc3b6981773a2a8caaca1c43c96cb5d7a61c152c6
-
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-