General
-
Target
a0320a4d93cc8b080f0172e53e112d314c644e52843fef9cf9607b3c8097d4ce
-
Size
864KB
-
Sample
220705-dz9cfsfeb8
-
MD5
3c293fe94c4505814899cbd66384c324
-
SHA1
381d26446fc1eda1244b996b8afa569d77dce1a8
-
SHA256
a0320a4d93cc8b080f0172e53e112d314c644e52843fef9cf9607b3c8097d4ce
-
SHA512
4d08d62021bb40a27f66e2bf19a3735cfea4b68258f884751075c73d00721c2cdf6ee0b94d4972c57863922bac93e18dac25dfd7e4ae9506aef2ff30a02981be
Static task
static1
Behavioral task
behavioral1
Sample
a0320a4d93cc8b080f0172e53e112d314c644e52843fef9cf9607b3c8097d4ce.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
a0320a4d93cc8b080f0172e53e112d314c644e52843fef9cf9607b3c8097d4ce.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Score
10/10
-
Sakula Payload
-
suricata: ET MALWARE Sakula/Mivast RAT CnC Beacon 1
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-