General
Target
af6c0a194927e589cd5b99c54cd6b7f287aee2944fdf4e11e734242719a05deb
Size
332KB
Sample
220626-cbvnqaeeh9
MD5
36a394bb4967fe95454237d33f1e40cc
SHA1
e623ae5c006b7906373d38bcdfd4913fe1ac2e25
SHA256
af6c0a194927e589cd5b99c54cd6b7f287aee2944fdf4e11e734242719a05deb
SHA512
579e85e2adbc555b7fb29a42b35f424575b551078ba75d62f5a934032ea2df74e346039f6c6f2e1d1727beedf7d9a00604347d70840358eab72d4e813bcbdde0
Static task
static1
Behavioral task
behavioral1
Sample
af6c0a194927e589cd5b99c54cd6b7f287aee2944fdf4e11e734242719a05deb.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
af6c0a194927e589cd5b99c54cd6b7f287aee2944fdf4e11e734242719a05deb.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
af6c0a194927e589cd5b99c54cd6b7f287aee2944fdf4e11e734242719a05deb
Score
10/10
Sakula Payload
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Loads dropped DLL
Adds Run key to start application