General
-
Target
f7268fa698a8a526281d0ecd1ec02dc2447dcf71c2725b6c95e56e68f1f857ff
-
Size
96KB
-
Sample
221002-t4zxksgddp
-
MD5
76ca4b876b66cb1add5489632716687c
-
SHA1
2c96932898ba246c6b2836778188658cdc3cb7b0
-
SHA256
f7268fa698a8a526281d0ecd1ec02dc2447dcf71c2725b6c95e56e68f1f857ff
-
SHA512
7865f01d12a4e861d048a57fc8fbc66a1460bf5f8a785eb12e3abb7a1c900f4c2ab8ec8ab760ac3e51b11362dc3a9382cd81867ab559ae1bb52c3caa9e8046ea
-
SSDEEP
1536:2VCjeEwCwnNa71BenwZdMbAp77tSVSQfgrtZbUgToUYb4ExR1xBq:5jLxwnNapBewc67ATorbLT8px1E
Static task
static1
Behavioral task
behavioral1
Sample
f7268fa698a8a526281d0ecd1ec02dc2447dcf71c2725b6c95e56e68f1f857ff.exe
Resource
win7-20220812-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
Target
f7268fa698a8a526281d0ecd1ec02dc2447dcf71c2725b6c95e56e68f1f857ff
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-