General
Target: virussign.com_26a40eade629154d15e019603e4ce790
Size: 120KB
Sample: 220715-tsg8dsdbdr
MD5: 26a40eade629154d15e019603e4ce790
SHA1: 6823521b875fe13e6a607db7f868b4925a71eeeb
SHA256: c67d559821f7c3cca0adf73727e00cf193c8c9ed7c82876235335afb4768656f
SHA512: 765373138bb0f70c7cf92f615274b0d45be29a1746e72af9e0c15820acb8b45604baa441f891384b9c77b12b211b17e88835de85c2bc351708394f4740762dae
Static task: static1
Behavioral task: behavioral1
Sample: virussign.dll
Resource: win7-20220715-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: virussign.com_26a40eade629154d15e019603e4ce790
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.