Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ea9b39ca79c203b294f13de7412576eb5a3facf50b8a6497199861d9538ba9a6
-
Size
164KB
-
Sample
221011-1vg4qsgcd3
-
MD5
6ae218867eb9467591bb24c796c24f70
-
SHA1
7e821f0f91ce1011bc5644970de2567118037967
-
SHA256
ea9b39ca79c203b294f13de7412576eb5a3facf50b8a6497199861d9538ba9a6
-
SHA512
b959882f2c3cd74df8cab822e1ab438d84750a332eb1a909cf1a50edec1db346414fd9a2e255725f38d0016251ce098e5c2fb60b21b39db3b1cf789a7dbb4b4d
-
SSDEEP
3072:2NQKPWDyZI0hJltZrpRRyPZNtB9htSJAvdhp20onnel+FeQ97:2NSDyZISthpcX9SJSjInel2d7
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
ea9b39ca79c203b294f13de7412576eb5a3facf50b8a6497199861d9538ba9a6
-
Size
164KB
-
MD5
6ae218867eb9467591bb24c796c24f70
-
SHA1
7e821f0f91ce1011bc5644970de2567118037967
-
SHA256
ea9b39ca79c203b294f13de7412576eb5a3facf50b8a6497199861d9538ba9a6
-
SHA512
b959882f2c3cd74df8cab822e1ab438d84750a332eb1a909cf1a50edec1db346414fd9a2e255725f38d0016251ce098e5c2fb60b21b39db3b1cf789a7dbb4b4d
-
SSDEEP
3072:2NQKPWDyZI0hJltZrpRRyPZNtB9htSJAvdhp20onnel+FeQ97:2NSDyZISthpcX9SJSjInel2d7
Score10/10-
Sality
Sality is backdoor written in C++, first discovered in 2003.
-
UAC bypass
-
Windows security bypass
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Modifies Windows Firewall
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Windows security modification
-
Checks whether UAC is enabled
-