Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e9a4009561510d33e048c0f42b19837bbe530afd7d5d0e24802be4f928a58e44
-
Size
120KB
-
Sample
221011-1vj84agcd6
-
MD5
60cdc311214c3f1c31b4c6ffb50b1f40
-
SHA1
5db2dbb810651c61a9769c1c7ee4f38d4135379b
-
SHA256
e9a4009561510d33e048c0f42b19837bbe530afd7d5d0e24802be4f928a58e44
-
SHA512
4843817b89a5b0a526bd0480924e41ff66ddbf06624240c81f97725e0652963702389eac5974131b54f5a31eb1c607b385389785410cc93db37f391dfbf8ac03
-
SSDEEP
1536:Xp2V9yPcSt4K7c6oguF35SJEZJwTjmFUhXsx07mz6JKb3F/3TwtzC8b/kXtNtE48:X2DW4K7c6sFee8Nyamz6JKrF/jmz/wQf
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
e9a4009561510d33e048c0f42b19837bbe530afd7d5d0e24802be4f928a58e44
-
Size
120KB
-
MD5
60cdc311214c3f1c31b4c6ffb50b1f40
-
SHA1
5db2dbb810651c61a9769c1c7ee4f38d4135379b
-
SHA256
e9a4009561510d33e048c0f42b19837bbe530afd7d5d0e24802be4f928a58e44
-
SHA512
4843817b89a5b0a526bd0480924e41ff66ddbf06624240c81f97725e0652963702389eac5974131b54f5a31eb1c607b385389785410cc93db37f391dfbf8ac03
-
SSDEEP
1536:Xp2V9yPcSt4K7c6oguF35SJEZJwTjmFUhXsx07mz6JKb3F/3TwtzC8b/kXtNtE48:X2DW4K7c6sFee8Nyamz6JKrF/jmz/wQf
Score10/10-
Modifies firewall policy service
-
Sality
Sality is backdoor written in C++, first discovered in 2003.
-
UAC bypass
-
Windows security bypass
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Windows security modification
-
Checks whether UAC is enabled
-