General
-
Target
1600-55-0x0000000001DA0000-0x0000000002E5A000-memory.dmp
-
Size
16.7MB
-
MD5
b0e5b14e33279706a644ad73fe477e06
-
SHA1
9df78224cf90730a07ce8c743a44f5615bb60e64
-
SHA256
00125328a6aa5668bbe2528936659466cad4690cd00b54b352cec39759cbb9a0
-
SHA512
397034dda690888793f73069b8d291829e34c1a0d40f8361287dda0d7b923e367ed92a0294afdbb19c2330c9f81025a5b11576b3957a99a68c620653a6253a57
-
SSDEEP
3072:uBhs0M/4s/GaM+Q6oTbBhVv5UDa95oX+TF2p:uBhsXlGaVQ6oTbBrv5UDsoX+TFa
Score
10/10
Malware Config
Extracted
Family
sality
C2
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Signatures
-
Sality family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Files
-
1600-55-0x0000000001DA0000-0x0000000002E5A000-memory.dmp
Headers
Sections