General
-
Target
virussign.com_6366eaad7fbe650aa346862be63f0860
-
Size
120KB
-
Sample
220716-jtvj1aaba4
-
MD5
6366eaad7fbe650aa346862be63f0860
-
SHA1
fe6ead8133f20792b21788013770e10843c7dd8f
-
SHA256
2e7df1ce70cea4fbc38cebe86cbb7e3b1ef038c9f69f099406164c0ace977225
-
SHA512
1bf599648126446a581afe3362d36d4358d47ffca16c76ecbe49e20bc09779987f0da4a9c860c658b9a7d96a3705cdb0323df4031560559d14ceb0ebb263cf5b
Static task
static1
Behavioral task
behavioral1
Sample
virussign.dll
Resource
win7-20220414-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
virussign.com_6366eaad7fbe650aa346862be63f0860
-
Size
120KB
-
MD5
6366eaad7fbe650aa346862be63f0860
-
SHA1
fe6ead8133f20792b21788013770e10843c7dd8f
-
SHA256
2e7df1ce70cea4fbc38cebe86cbb7e3b1ef038c9f69f099406164c0ace977225
-
SHA512
1bf599648126446a581afe3362d36d4358d47ffca16c76ecbe49e20bc09779987f0da4a9c860c658b9a7d96a3705cdb0323df4031560559d14ceb0ebb263cf5b
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-