sality | a05011414fab7f8b40f4b1d75d7f09b8e98e6a584303b7cdef6084fc8a8a4d98 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.629ba5a3b2d9c1696cde48f8bd42a2f0_JC.exe
Size

262KB
Sample

231010-w1jgjaff3t
MD5

629ba5a3b2d9c1696cde48f8bd42a2f0
SHA1

903892bcb6176e4ebb916d4e85aec4b2ba3fc669
SHA256

a05011414fab7f8b40f4b1d75d7f09b8e98e6a584303b7cdef6084fc8a8a4d98
SHA512

c96bc9c3e5765cc8ca6ea66aa04b0e0680821f88bc8085e471349a65ce77075c9782658aa7d5585e39549b22c8514d2814947ab70bd5ca9096d6865078680cee
SSDEEP

3072:lyj/SYC0N8C+8o+bIDsbcG/w3RIF7X8aQ5dtWm803Cgiq9uTuak6+Br4nZZhpxPF:0jKKdbpb+RIatdIq9MHMBYZbbR

Score

10^/10

sality backdoor upx

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

http://www.klkjwre9fqwieluoi.info/

http://kukutrustnet777888.info/

Targets

- Target
  
  NEAS.629ba5a3b2d9c1696cde48f8bd42a2f0_JC.exe
- Size
  
  262KB
- MD5
  
  629ba5a3b2d9c1696cde48f8bd42a2f0
- SHA1
  
  903892bcb6176e4ebb916d4e85aec4b2ba3fc669
- SHA256
  
  a05011414fab7f8b40f4b1d75d7f09b8e98e6a584303b7cdef6084fc8a8a4d98
- SHA512
  
  c96bc9c3e5765cc8ca6ea66aa04b0e0680821f88bc8085e471349a65ce77075c9782658aa7d5585e39549b22c8514d2814947ab70bd5ca9096d6865078680cee
- SSDEEP
  
  3072:lyj/SYC0N8C+8o+bIDsbcG/w3RIF7X8aQ5dtWm803Cgiq9uTuak6+Br4nZZhpxPF:0jKKdbpb+RIatdIq9MHMBYZbbR
Score

10^/10

sality backdoor upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

salitybackdoorupx