General

  • Target

    5949ecfe610184464b096f641b0e88e39082a9bbceec1b9a1a7b188bbee5e65a

  • Size

    2.5MB

  • Sample

    230919-hs4wlshe57

  • MD5

    8d64f009168c30eb666b7456bf32e0f3

  • SHA1

    d58fe154350e4963e93bfca648d8791ee4109acf

  • SHA256

    5949ecfe610184464b096f641b0e88e39082a9bbceec1b9a1a7b188bbee5e65a

  • SHA512

    dd9ae8504ea1c8e9907a47b51773fa3fa6a35d93009d4029af9e9c248dc05192963ea03f3df4e5f6f0de7b7677a158b463119d630e2b87fbccdf50c0f957ede9

  • SSDEEP

    49152:mbctL0RnRxar+nsPL5MgAD88xK4iuNTZFbrsdto5/j4vXccaPnTsDnxDfsDlJyj1:mwtkRx/sPLvY9svXHzv

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Target

      5949ecfe610184464b096f641b0e88e39082a9bbceec1b9a1a7b188bbee5e65a

    • Size

      2.5MB

    • MD5

      8d64f009168c30eb666b7456bf32e0f3

    • SHA1

      d58fe154350e4963e93bfca648d8791ee4109acf

    • SHA256

      5949ecfe610184464b096f641b0e88e39082a9bbceec1b9a1a7b188bbee5e65a

    • SHA512

      dd9ae8504ea1c8e9907a47b51773fa3fa6a35d93009d4029af9e9c248dc05192963ea03f3df4e5f6f0de7b7677a158b463119d630e2b87fbccdf50c0f957ede9

    • SSDEEP

      49152:mbctL0RnRxar+nsPL5MgAD88xK4iuNTZFbrsdto5/j4vXccaPnTsDnxDfsDlJyj1:mwtkRx/sPLvY9svXHzv

    Score
    10/10

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks