Overview

overview

10

Static

static

b7362276d7...f0.exe

windows7-x64

3

b7362276d7...f0.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    b7362276d7d34079aba58a1fd3add4e2ef08f69429d0c78cc8a459bc5953baf0

  • Size

    152KB

  • Sample

    221203-nx9kjsbf4t

  • MD5

    2993fcf0fa3dbccf738e3943dc51620e

  • SHA1

    ced7e8d1b8549f967d1a0c16252453d00ba7d1c6

  • SHA256

    b7362276d7d34079aba58a1fd3add4e2ef08f69429d0c78cc8a459bc5953baf0

  • SHA512

    be400ddf294516a4fdad7a513e882a3a8fddbd28cbdaae2cfd0d315e69327d873d667f1c948ebc4b352ca15e02a372b733d8322732c7357beefd3982962953b9

  • SSDEEP

    3072:pB16e24wDl91G+f4jIL7CmoMcAZg6CthWw+k5zGGDjWpM:Z6eJ0Jf4j27voxYg6CtLeKjeM

Score
10/10
salitybackdoorevasiontrojanupx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Target

      b7362276d7d34079aba58a1fd3add4e2ef08f69429d0c78cc8a459bc5953baf0

    • Size

      152KB

    • MD5

      2993fcf0fa3dbccf738e3943dc51620e

    • SHA1

      ced7e8d1b8549f967d1a0c16252453d00ba7d1c6

    • SHA256

      b7362276d7d34079aba58a1fd3add4e2ef08f69429d0c78cc8a459bc5953baf0

    • SHA512

      be400ddf294516a4fdad7a513e882a3a8fddbd28cbdaae2cfd0d315e69327d873d667f1c948ebc4b352ca15e02a372b733d8322732c7357beefd3982962953b9

    • SSDEEP

      3072:pB16e24wDl91G+f4jIL7CmoMcAZg6CthWw+k5zGGDjWpM:Z6eJ0Jf4j27voxYg6CtLeKjeM

    Score
    10/10
    salitybackdoorevasiontrojanupx

    • Sality

      Sality is backdoor written in C++, first discovered in 2003.

      backdoorsality

    • UAC bypass

      evasiontrojan

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks