sality | 22d381ddf00d917e63d4706727cd0c8b3f32a07fde7efd52956a1e522abc3b71 | Triage

Submit
Reports

Overview

overview

Static

static

22d381ddf0...71.exe

windows7-x64

3

22d381ddf0...71.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

22d381ddf00d917e63d4706727cd0c8b3f32a07fde7efd52956a1e522abc3b71
Size

147KB
Sample

221107-h4pwtsdfg7
MD5

0c1dd58f44d2183870c4cd26e846cd96
SHA1

0583692cf72e0e274c3731a6a43e5cb237bd78ff
SHA256

22d381ddf00d917e63d4706727cd0c8b3f32a07fde7efd52956a1e522abc3b71
SHA512

02716f490194de804e06e791696fd578cfe4882759dcf24ed661d4cd4c45bec78624f803d374888f66db7cbb37873756eeace3b14ca6c59aa1efd4d5bc32aa28
SSDEEP

3072:ejUrEDD3+RaSrBd5Rov8eGZ5EPO+sQJxA04bkgsCQQynY03qYHa3IdjRWF:eQwHORhTEvKZ5/MuNxyYu83GRW

Score

10^/10

sality backdoor upx

Static task

static1

Behavioral task

behavioral1

Sample

22d381ddf00d917e63d4706727cd0c8b3f32a07fde7efd52956a1e522abc3b71.exe

Resource

win7-20220901-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

22d381ddf00d917e63d4706727cd0c8b3f32a07fde7efd52956a1e522abc3b71.exe

Resource

win10v2004-20220812-en

sality backdoor upx

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  22d381ddf00d917e63d4706727cd0c8b3f32a07fde7efd52956a1e522abc3b71
- Size
  
  147KB
- MD5
  
  0c1dd58f44d2183870c4cd26e846cd96
- SHA1
  
  0583692cf72e0e274c3731a6a43e5cb237bd78ff
- SHA256
  
  22d381ddf00d917e63d4706727cd0c8b3f32a07fde7efd52956a1e522abc3b71
- SHA512
  
  02716f490194de804e06e791696fd578cfe4882759dcf24ed661d4cd4c45bec78624f803d374888f66db7cbb37873756eeace3b14ca6c59aa1efd4d5bc32aa28
- SSDEEP
  
  3072:ejUrEDD3+RaSrBd5Rov8eGZ5EPO+sQJxA04bkgsCQQynY03qYHa3IdjRWF:eQwHORhTEvKZ5/MuNxyYu83GRW
Score

10^/10

sality backdoor upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

salitybackdoorupx

© 2018-2025

Terms | Privacy