General
-
Target
9f9e86b22b4f11c6e4c7defbd05eb64ea0f528a0913b5502d2dc534aee08ddb2
-
Size
512KB
-
Sample
220705-cr2rzadagj
-
MD5
95110cc7399723f17204990dec441fe6
-
SHA1
04f528f70fa09ef6180c19949e76d8eff4c6a3ea
-
SHA256
9f9e86b22b4f11c6e4c7defbd05eb64ea0f528a0913b5502d2dc534aee08ddb2
-
SHA512
339fff2cf29eaeb32431da1474befd5431dd2ad24e8bb3fd4706dce57d333239199d32a2322a92beb5c4e129d3b43170fb2fceba333bfb34c30e5eedc18d8bb7
Static task
static1
Behavioral task
behavioral1
Sample
9f9e86b22b4f11c6e4c7defbd05eb64ea0f528a0913b5502d2dc534aee08ddb2.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
9f9e86b22b4f11c6e4c7defbd05eb64ea0f528a0913b5502d2dc534aee08ddb2.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
9f9e86b22b4f11c6e4c7defbd05eb64ea0f528a0913b5502d2dc534aee08ddb2
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-