General

  • Target

    5386418c42b84b7d5da9dfa6b74c6134745e30e385fa605cd82ad443c5514bab

  • Size

    164KB

  • Sample

    221123-xmrfnafd86

  • MD5

    4307333ad6c1221bc40ef92b5641e410

  • SHA1

    cdd831b95b3c36a16c4c2c713639557f2180b142

  • SHA256

    5386418c42b84b7d5da9dfa6b74c6134745e30e385fa605cd82ad443c5514bab

  • SHA512

    da40162dcd1f1e50e3b5bfa441a779bef56b2996ceec788f37520d7cd1bca9586f9a965f9b2b39dab66c61f9afbd28e4bd95616e441abf6df55ce4456ab967ee

  • SSDEEP

    3072:YkT6zOA0mX1K/dnAFGvKsAisPd90qoF3L0Db0/5Eurwg4nlL5q7pf:BGhK/7VsPUv3QDb0hxww7pf

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Target

      5386418c42b84b7d5da9dfa6b74c6134745e30e385fa605cd82ad443c5514bab

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with the open source UPX packer or a modified version of it.
