General
-
Target
8979137f1a222b0e58d2a79f8c4e6adf4ddc2dacd01dff4153c4ca4972736f80
-
Size
100KB
-
Sample
221205-p91c3sff8v
-
MD5
e9c18733932879e15c3c4c3e94c57bbb
-
SHA1
17d5aa2b58782456c9e49a7870bc0b2c9a69c2b7
-
SHA256
8979137f1a222b0e58d2a79f8c4e6adf4ddc2dacd01dff4153c4ca4972736f80
-
SHA512
2b4eac26f9727e9286c282199fda8cb9bf40e676247d48f5032d415fc972309fd3e441f0dcb20a54216baa00d12359751be2e7a513468c8502186d13fd7ea5ff
-
SSDEEP
1536:UneWw/vnj/m7XYdxfErNWttGF9Cru1hA4WvV8SYKGF79z:SeH//jO7eeNgcDkoUhYZF7l
Static task
static1
Behavioral task
behavioral1
Sample
8979137f1a222b0e58d2a79f8c4e6adf4ddc2dacd01dff4153c4ca4972736f80.exe
Resource
win7-20221111-en
Malware Config
Extracted
sality
Targets
-
-
Target
8979137f1a222b0e58d2a79f8c4e6adf4ddc2dacd01dff4153c4ca4972736f80
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-