General
-
Target
3752-132-0x0000000002280000-0x000000000333A000-memory.dmp
-
Size
16.7MB
-
MD5
6bc3404eba113dc62bcc0f620d4aa8f0
-
SHA1
bd58c8da2daeaef1ee7883ed6ec9449d2862c357
-
SHA256
7af8b367ec71988338ff2759897fe332216475ee6c6872f2ebf0a3bc2d9c1175
-
SHA512
0a7d94fdf629f70ace510ca03da133f5fce75df7c2a7235bf700121a29004b38fd4f627b142e5681bf8e3c2dd8ff9b59b4d9f2733e965617ed4bbb65806b2cd9
-
SSDEEP
6144:n1BhsXJGkiGhzAW9y2aZezmt0TNjGA9aGVl85TqrXoX+TBa:wt9xmIl8YA
Score
10/10
Malware Config
Extracted
Family
sality
C2
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Signatures
-
Sality family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Files
-
3752-132-0x0000000002280000-0x000000000333A000-memory.dmp
Headers
Sections