General
-
Target
4a35e024fbbf75fa25886ad62bf8470a5cca5fe4a4a8ca0a70384054112c03b5
-
Size
376KB
-
Sample
220712-rjw9vagbe2
-
MD5
cb0f18862fa485d8365701c404113062
-
SHA1
4a71cf8d4661598d27a87950b56490b1dc6611ba
-
SHA256
4a35e024fbbf75fa25886ad62bf8470a5cca5fe4a4a8ca0a70384054112c03b5
-
SHA512
81949d8dde3b5aeddae0b044b68bf32b82542d20ef7636c458b6989dca7e62595d65145f7da48eb0f7980feeedd5c14304517afd4df704c241e940cdbee5234f
Static task
static1
Behavioral task
behavioral1
Sample
4a35e024fbbf75fa25886ad62bf8470a5cca5fe4a4a8ca0a70384054112c03b5.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
4a35e024fbbf75fa25886ad62bf8470a5cca5fe4a4a8ca0a70384054112c03b5.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
sality
Targets
Target
4a35e024fbbf75fa25886ad62bf8470a5cca5fe4a4a8ca0a70384054112c03b5
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-