General

  • Target

    21ffc9a64a69248047aa616abd2d97df81761fa6923b68c96cd06d792963ba67

  • Size

    112KB

  • Sample

    221030-cemghsghhk

  • MD5

    932397c261cebd138975e877563e4518

  • SHA1

    add1351927707b1b34c32f50bf422a050d4b6a5e

  • SHA256

    21ffc9a64a69248047aa616abd2d97df81761fa6923b68c96cd06d792963ba67

  • SHA512

    8c4543b3d68aa6f9b0c2f94fde93ef9eccbef82aea35d7f1e291c2b2e9f73b1b1ea65800d04f6a8f3d8fe660e5e3c0e467cca3527794e657367700a2e02411bd

  • SSDEEP

    3072:XXYelteyveU01cKLm86AdKKXC5hoM81884J:XXY5RbLm86zKCaty

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Target

      21ffc9a64a69248047aa616abd2d97df81761fa6923b68c96cd06d792963ba67

    Score
    10/10
    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
