General
Target: 25aaeb30fb9b9eb36b042d44680a61b0513baf2a07021d3e04b73c2d0b5a4890
Size: 91KB
Sample: 220611-w1nq9abdcj
MD5: 7dca89832ca5171e407cb35337bd3f0f
SHA1: b4b86b2a78d915d21f160f70809dc20fcbec7af0
SHA256: 25aaeb30fb9b9eb36b042d44680a61b0513baf2a07021d3e04b73c2d0b5a4890
SHA512: 9764f38abe919a1f82b3fb576283ce6ad2b003d912c94b8f709187344b2cecc099a8fa28763bf058de49bbed07cb20abafede8e857b6ae50bd8036fea64d9c55
Static task: static1
Behavioral task: behavioral1
Sample: 25aaeb30fb9b9eb36b042d44680a61b0513baf2a07021d3e04b73c2d0b5a4890.exe
Resource: win7-20220414-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
- Modifies firewall policy service
- Adds policy Run key to start application
- Deletes itself
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Maps connected drives based on registry: Disk information is often read in order to detect sandboxing environments.