General
-
Target
9a5500635e52f337b73aa139357234ef031a762b6f4d0f21b092ca9e31308148
-
Size
1014KB
-
Sample
221010-3hsqtaeaf3
-
MD5
022d355b72712f57bfd93e6da0a534b5
-
SHA1
5493a260299c904148d59fd865006be081cb17a3
-
SHA256
9a5500635e52f337b73aa139357234ef031a762b6f4d0f21b092ca9e31308148
-
SHA512
721960cc4682eedba3c54883dcd3d51d8b1fbefcbfaaa22baa0305305be97436e7b202c0f8e2b077dd6c3df8b38e8e1e7007ae8447f596036ff1af6ff7d7c352
-
SSDEEP
12288:caAchpWsuVTv7ItY8XljyypHP7cOLBev03hlULsmWZ++09ZcKDVsgdC9UwuNrO+r:dAEENIq8XwyVPQclDq/+WnpsSaUwuNr3
Behavioral task
behavioral1
Sample
9a5500635e52f337b73aa139357234ef031a762b6f4d0f21b092ca9e31308148.exe
Resource
win7-20220812-en
Malware Config
Extracted
sality
Targets
-
Modifies firewall policy service
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-