sality | d6764b133bf257a62465ecdccb3a2e277dc9a392967fd380a784dfbba0fef2fa | Triage

Submit
Reports

Overview

overview

Static

static

d6764b133b...fa.exe

windows7-x64

d6764b133b...fa.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d6764b133bf257a62465ecdccb3a2e277dc9a392967fd380a784dfbba0fef2fa.exe

Resource

win7-20220812-en

sality backdoor evasion trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

d6764b133bf257a62465ecdccb3a2e277dc9a392967fd380a784dfbba0fef2fa.exe

Resource

win10v2004-20220812-en

sality backdoor evasion trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

d6764b133bf257a62465ecdccb3a2e277dc9a392967fd380a784dfbba0fef2fa
Size

123KB
MD5

1a2b15dce645ba6b46ddb34d6e5eede0
SHA1

8e9b5cdee96795cb802b66a2efedac5d5f19a731
SHA256

d6764b133bf257a62465ecdccb3a2e277dc9a392967fd380a784dfbba0fef2fa
SHA512

85b51e800bc0d62afefead6b2337b2971c24107226829d84307790b77df93b43b8c66cdf12b17b02a74d9c8d285b910b7c610b28790348c556ce16e8ee1fde7e
SSDEEP

3072:R7HibvPPoCujRaRsUs1gEE29qA/2V4fOBvsMMO6C:NHirLujRaRsU8gEE1A/2V4fOBvs/O6

Score

10^/10

sality

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

http://www.klkjwre9fqwieluoi.info/

http://kukutrustnet777888.info/

Signatures

Sality family
sality

Files

d6764b133bf257a62465ecdccb3a2e277dc9a392967fd380a784dfbba0fef2fa
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 428KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy