General
-
Target
a028b784492feb862bd80a9a19ca8862cced06805a5b72fafa3ac061698584fa
-
Size
23.6MB
-
Sample
220708-tvaw4ahgaq
-
MD5
89156d60191b397374f4ba5271298c68
-
SHA1
4e30ab941a86b6182895ae97bfd60d3f2bf741e9
-
SHA256
a028b784492feb862bd80a9a19ca8862cced06805a5b72fafa3ac061698584fa
-
SHA512
cfaa2f2558058ab999b830618a727273c26309898e6c7fe4d095527330d381481318866c4883eb7270e078615dab19913867f0a33254365a920e71f7fb86b834
Static task
static1
Behavioral task
behavioral1
Sample
a028b784492feb862bd80a9a19ca8862cced06805a5b72fafa3ac061698584fa.exe
Resource
win7-20220414-en
Malware Config
Extracted
sality
Targets
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-