General
-
Target
748-55-0x0000000001DB0000-0x0000000002E6A000-memory.dmp
-
Size
16.7MB
-
MD5
8418361e6f6a232bd7d88732107c5cd9
-
SHA1
bd25739b0b91ade8097bf831ea52b1db08ac92f6
-
SHA256
4a677c828ac26dff87c2082a723a618f6e7c9ac22c3e0a64cc6804af032d123a
-
SHA512
b70b9bcdb2ddf7e6e93517acf82f192f41e7700d7ddbc90fc594a6b5a027e30cb7b68fcf42192c21c060b353d4f8806ac5bc37e62e208879a62bbe730dd0208f
-
SSDEEP
3072:JIBhs0MhimF1VgMrlOjYIWV5Kuy9EoX+Tt2p:JIBhsXDVgIlOjYIi5KuZoX+Tta
Score
10/10
Malware Config
Extracted
Family
sality
C2
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Signatures
-
Sality family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Files
-
748-55-0x0000000001DB0000-0x0000000002E6A000-memory.dmp
Headers
Sections