General
Target: 0b2e22c989efa2ab94cab7e9aaf1c6f075929a7a900bad0bd111b56d0d2a1387
Size: 216KB
Sample: 220530-ekxwjshcbq
MD5: a8eb83d3611cbaff46a41b4b7d139a0c
SHA1: 233016312b3378bd0ef50bb3757119fcb68d4f43
SHA256: 0b2e22c989efa2ab94cab7e9aaf1c6f075929a7a900bad0bd111b56d0d2a1387
SHA512: 3771dc08133f709e2e0d4ce440d8b0b029c28c2f6114f437f62d0d9290a25fd7e225c1974a1748d1cb3fdb47345f27e37794840b1103b25f585f863e2db69df4

Behavioral task: behavioral1
Sample: 0b2e22c989efa2ab94cab7e9aaf1c6f075929a7a900bad0bd111b56d0d2a1387.exe
Resource: win7-20220414-en
Malware Config
Targets
Target: 0b2e22c989efa2ab94cab7e9aaf1c6f075929a7a900bad0bd111b56d0d2a1387
- Sakula Payload
- suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application