General
Target: 46eecfde17e88bffcc4e3d0ba4db2c5c5bab27c1f47a7661699a986fc8e5d318
Size: 100KB
Sample: 220714-j7afzshbc4
MD5: fa74205d777d6115790cd52033aa58b3
SHA1: ffd40894c0c8884dfa1f578bbbc2c536ad9a1b76
SHA256: 46eecfde17e88bffcc4e3d0ba4db2c5c5bab27c1f47a7661699a986fc8e5d318
SHA512: 020715d64e43cfc570780b9da36be5a388f7c77613febd41ce83a590496eb8cd347b2ac75ad89b1fd29786ca82720727e6a16099d2d863ad7830e5b7c6aee2ad
Static task: static1
Behavioral task: behavioral1
Sample: 46eecfde17e88bffcc4e3d0ba4db2c5c5bab27c1f47a7661699a986fc8e5d318.exe
Resource: win7-20220414-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets

Modifies firewall policy service

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.