General

  • Target

    b7748212568d612152f46667fa27d3c47ce04aa00dfb89a032d2d8607323bbf3

  • Size

    173KB

  • Sample

    221106-xeb11aaafj

  • MD5

    0237d30a4893ced532ca226a4446f000

  • SHA1

    e8cb61257f42c94743774dc7765ed23f3a89773b

  • SHA256

    b7748212568d612152f46667fa27d3c47ce04aa00dfb89a032d2d8607323bbf3

  • SHA512

    2dc244baa1e7854c47fbefe36bcda90fef01991ee7e7a3830909935905f06113b8f841fe91e5ad9abcfefba8ae1b61d8b5abca958d47bcc33a4584b3ad8e1ac2

  • SSDEEP

    3072:oq/lSpAbGTe2Aq/tqijXjE91FjaYHLRlH9sVX1A:oqeAbgeETE91xHDOt1A

Malware Config

Extracted

  • Family

    sality

  • C2

    http://89.119.67.154/testo5/
    http://kukutrustnet777.info/home.gif
    http://kukutrustnet888.info/home.gif
    http://kukutrustnet987.info/home.gif
    http://www.klkjwre9fqwieluoi.info/
    http://kukutrustnet777888.info/

    These are the URLs carried in the configuration extracted from the sample; treat each host as an indicator to block or sinkhole, not a resource to fetch.

Targets

    • Target

      b7748212568d612152f46667fa27d3c47ce04aa00dfb89a032d2d8607323bbf3 (single target; size and hashes are identical to the General section above)
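The following is an added example, not part of the sandbox report or the sandbox's own tooling. It shows the two things a responder usually does with a page like this: confirm that the file they are holding is the sample the report describes (by recomputing the MD5/SHA1/SHA256/SHA512 digests listed above and sanity-checking that the copied hash fields are well-formed), and turn the extracted C2 list into defanged strings and a host list for a ticket or blocklist. The REPORT and C2_URLS values are copied from the page; SAMPLE_BYTES is a constructed placeholder (the real 173 KB binary is not reproduced), so the verification is expected to fail for it; the hxxp / [.] defanging convention is the common one and is an assumption, not something the report specifies.

```python
"""Added example (not from the report or its tooling): verify a file against
the report's hashes, sanity-check the hash fields, and defang the C2 URLs."""
import hashlib
from urllib.parse import urlsplit

# Identifiers copied from the report above. SSDEEP is left out: it needs the
# ssdeep library and is compared by similarity score, not by equality.
REPORT = {
    "md5": "0237d30a4893ced532ca226a4446f000",
    "sha1": "e8cb61257f42c94743774dc7765ed23f3a89773b",
    "sha256": "b7748212568d612152f46667fa27d3c47ce04aa00dfb89a032d2d8607323bbf3",
    "sha512": ("2dc244baa1e7854c47fbefe36bcda90fef01991ee7e7a3830909935905f06113"
               "b8f841fe91e5ad9abcfefba8ae1b61d8b5abca958d47bcc33a4584b3ad8e1ac2"),
}

C2_URLS = [
    "http://89.119.67.154/testo5/",
    "http://kukutrustnet777.info/home.gif",
    "http://kukutrustnet888.info/home.gif",
    "http://kukutrustnet987.info/home.gif",
    "http://www.klkjwre9fqwieluoi.info/",
    "http://kukutrustnet777888.info/",
]

# Constructed placeholder bytes; the real sample is not reproduced here, so
# verify_sample(SAMPLE_BYTES, REPORT) is expected to be all False.
SAMPLE_BYTES = b"MZ" + b"\x00" * 62 + b"not the real sample"

HEX_DIGEST_LENGTH = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def compute_hashes(data: bytes) -> dict:
    """Hex digests of the four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in HEX_DIGEST_LENGTH}


def malformed_fields(report: dict) -> list:
    """Names of hash fields that are missing, the wrong length, or not hex.
    Catches a truncated or mis-copied identifier before it is shared."""
    bad = []
    for name, length in HEX_DIGEST_LENGTH.items():
        value = str(report.get(name, "")).strip().lower()
        if len(value) != length or not all(c in "0123456789abcdef" for c in value):
            bad.append(name)
    return bad


def verify_sample(data: bytes, report: dict) -> dict:
    """Compare each listed digest with the digest of `data`.
    Case-insensitive so hashes pasted in upper case still match."""
    actual = compute_hashes(data)
    return {name: actual[name] == str(report.get(name, "")).strip().lower()
            for name in actual}


def defang(url: str) -> str:
    """Rewrite a URL so it is not clickable or auto-linked (assumed
    convention): http -> hxxp, '.' -> '[.]' in the host part only."""
    parts = urlsplit(url)
    scheme = parts.scheme.replace("http", "hxxp")
    netloc = parts.netloc.replace(".", "[.]")
    rest = parts.path + (("?" + parts.query) if parts.query else "")
    return f"{scheme}://{netloc}{rest}"


def c2_hosts(urls) -> list:
    """Unique hostnames/IPs from the C2 list, sorted, for a blocklist or
    DNS sinkhole entry."""
    return sorted({urlsplit(u).hostname for u in urls if urlsplit(u).hostname})


if __name__ == "__main__":
    print("malformed report fields:", malformed_fields(REPORT) or "none")
    print("placeholder matches report:", verify_sample(SAMPLE_BYTES, REPORT))
    for u in C2_URLS:
        print(defang(u))
    print("hosts:", c2_hosts(C2_URLS))
```

To check a real file, read it in binary mode and pass the bytes to verify_sample(); every field must be True, since a partial match means a different build or a corrupted copy, not the sample in this report.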

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic                 Technique                        Hits  ID
  Persistence            Modify Existing Service          1     T1031
  Privilege Escalation   Bypass User Account Control      1     T1088
  Defense Evasion        Modify Registry                  5     T1112
  Defense Evasion        Bypass User Account Control      1     T1088
  Defense Evasion        Disabling Security Tools         3     T1089
  Defense Evasion        File Permissions Modification    1     T1222
  Discovery              System Information Discovery     2     T1082

  "Hits" is the number of behavioural signatures from the run that mapped to the technique. T1088 appears under both Privilege Escalation and Defense Evasion because it belongs to both tactics in ATT&CK v6. The IDs are v6 identifiers; in current ATT&CK they correspond to T1543.003 (Windows Service) for T1031, T1548.002 for T1088, T1562.001 for T1089 and T1222.001 for T1222, while T1112 and T1082 are unchanged.