Overview

overview

10

Static

static

e877a8dc29...e6.exe

windows7-x64

3

e877a8dc29...e6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e877a8dc2909b397dffd106228fcc390e573be03c4f2c8f0d13cd42c022af3e6

  • Size

    902KB

  • Sample

    221123-z3gmhahe2w

  • MD5

    4c1d2266f813a4c181e42302698dab20

  • SHA1

    c2c058aaf814478520f7b89ddc1e44d15ae19847

  • SHA256

    e877a8dc2909b397dffd106228fcc390e573be03c4f2c8f0d13cd42c022af3e6

  • SHA512

    98e612a4376a32af2e5dbfab652cc027f41142a5261959926f4118080f1121b70b5892b69c3a0da3ff3151df7986b21e6aff5712d4642360a33626d0bee70577

  • SSDEEP

    12288:tflmx9S5j5n8u3SE+JlLOJVK7UEaM5SO4zg4vPcHOps:ttZ3UJROJV7RFfcHOps

Score
10/10
salitybackdoorevasiontrojanupx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Target

      e877a8dc2909b397dffd106228fcc390e573be03c4f2c8f0d13cd42c022af3e6

    • Size

      902KB

    • MD5

      4c1d2266f813a4c181e42302698dab20

    • SHA1

      c2c058aaf814478520f7b89ddc1e44d15ae19847

    • SHA256

      e877a8dc2909b397dffd106228fcc390e573be03c4f2c8f0d13cd42c022af3e6

    • SHA512

      98e612a4376a32af2e5dbfab652cc027f41142a5261959926f4118080f1121b70b5892b69c3a0da3ff3151df7986b21e6aff5712d4642360a33626d0bee70577

    • SSDEEP

      12288:tflmx9S5j5n8u3SE+JlLOJVK7UEaM5SO4zg4vPcHOps:ttZ3UJROJV7RFfcHOps

    Score
    10/10
    salitybackdoorevasiontrojanupx

    • Sality

      Sality is backdoor written in C++, first discovered in 2003.

      backdoorsality

    • UAC bypass

      evasiontrojan

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks