General
Target: 49493aa84538ac0c09167e7855ef4ae3e0f089daf94fba30215df4a8aa8bff13
Size: 97KB
Sample: 221128-sdctpaca24
MD5: 4816664c381b1ae7e10a9ad4ba4d8f50
SHA1: 7853327c38fc4cfec57b6eecd05670d7cb23b100
SHA256: 49493aa84538ac0c09167e7855ef4ae3e0f089daf94fba30215df4a8aa8bff13
SHA512: fc9e7e36142e404503fdc9019f6532c0c4a93f8e691c9a4ba3f1d6711dbe9329502c30ba962661850e0fde35b0be4449260c301c1cafacf811cb4dac08edba42
SSDEEP: 3072:gxm1J6XXIAOLAt/mx5JfsGId5Tv3uAUJ4gNSKTbYH:gx3mAt/uod5bm4gNS+
Static task: static1
Behavioral task: behavioral1
Sample: 49493aa84538ac0c09167e7855ef4ae3e0f089daf94fba30215df4a8aa8bff13.exe
Resource: win7-20220901-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 49493aa84538ac0c09167e7855ef4ae3e0f089daf94fba30215df4a8aa8bff13

Modifies firewall policy service

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.