General
-
Target
fb615c4becd0500f788710d5c9fc082def84bb29b32e0b206242f0c7848bbd09
-
Size
332KB
-
Sample
221127-xflltsed4v
-
MD5
02f41d55fb4e47ec855e022fbed79c6f
-
SHA1
be5d443bcb30a19fe44194e78ba427066f9ebdd4
-
SHA256
fb615c4becd0500f788710d5c9fc082def84bb29b32e0b206242f0c7848bbd09
-
SHA512
86b9ca6c7ba2a44692f8eb76488e967e1b0dd8c9b31a03ec45869b91ae0e4fb5c694f001d3e20b1580ed1285f6792a91aca8b80bce96149afbb63109b66d6560
-
SSDEEP
3072:X9BtxBt0IDLhqQ9BtxBtWQOL1NzQZK/BtLBtAvBXtSZYSsMeevL8sZZARlS05I3K:iPqmYSbL8sZDU8XK9
Static task
static1
Behavioral task
behavioral1
Sample
fb615c4becd0500f788710d5c9fc082def84bb29b32e0b206242f0c7848bbd09.exe
Resource
win7-20220812-en
Malware Config
Extracted
sality
Targets
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-