General

  • Target

    17aab2427330d63a25de13985d1d7fb2c3b87d552892fea0c04a4d7adb81cb14

  • Size

    566KB

  • MD5

    30ba81eacd8c131e374f32cef38ff771

  • SHA1

    b4fa8736c35b38bc4eb1f3e5053d05fd5cd56260

  • SHA256

    17aab2427330d63a25de13985d1d7fb2c3b87d552892fea0c04a4d7adb81cb14

  • SHA512

    383d8a0f6edc4b531847cc248269713ae7227be1ba28e6c02b3f1b8dbcd8296f5666d22bda6b4dd17403aab71ff5944368471e785897d37c1f9a27b0c30a7163

  • SSDEEP

    6144:yU5UH0qx4a6D+eGEPQ0OXlv6POeHxAL+1XIQF5LrKoe5xHtEW3rplCSty:yik0qx4a6RQjXsOFLYTLrKoYNtNrpoSy

Score
10/10

Malware Config

Extracted

Family

sality

C2


Signatures

  • Sality family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • 17aab2427330d63a25de13985d1d7fb2c3b87d552892fea0c04a4d7adb81cb14
    .exe windows x86



  • out.upx
    .exe windows x86

