sality | 0a8a941456b7e73685b215da6b109cc2c864d6cd46f693034cb96d9bd931e085 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

0a8a941456...85.exe

windows7-x64

1

0a8a941456...85.exe

windows10-2004-x64

Sharing

General

Target

0a8a941456b7e73685b215da6b109cc2c864d6cd46f693034cb96d9bd931e085
Size

222KB
Sample

231104-nsqa4sbb94
MD5

391650ad3e63c70aba4531f5cfbbea5e
SHA1

3c326d5ba27397e020cc4717a8ef433b2c65a5c4
SHA256

0a8a941456b7e73685b215da6b109cc2c864d6cd46f693034cb96d9bd931e085
SHA512

e1bf615c34c1dc496bd78d90affc6fcc04a7d315a87b08a179b01a3d0723768e96c4fb1620a5011fe7f454cbfeea4023385b753decf81129e2913bf5b0ef5b8b
SSDEEP

3072:SwzvOYwVN5YP/aKavT/DvbEvK9aobNI2B+el0LTGzkWJWXVfShNgpNcOJkeaNd1W:UXiP/aK2h9H/B+XgyHo2

Score

10^/10

sality backdoor upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0a8a941456b7e73685b215da6b109cc2c864d6cd46f693034cb96d9bd931e085.exe

Resource

win7-20231020-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

0a8a941456b7e73685b215da6b109cc2c864d6cd46f693034cb96d9bd931e085.exe

Resource

win10v2004-20231023-en

sality backdoor upx

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

- Target
  
  0a8a941456b7e73685b215da6b109cc2c864d6cd46f693034cb96d9bd931e085
- Size
  
  222KB
- MD5
  
  391650ad3e63c70aba4531f5cfbbea5e
- SHA1
  
  3c326d5ba27397e020cc4717a8ef433b2c65a5c4
- SHA256
  
  0a8a941456b7e73685b215da6b109cc2c864d6cd46f693034cb96d9bd931e085
- SHA512
  
  e1bf615c34c1dc496bd78d90affc6fcc04a7d315a87b08a179b01a3d0723768e96c4fb1620a5011fe7f454cbfeea4023385b753decf81129e2913bf5b0ef5b8b
- SSDEEP
  
  3072:SwzvOYwVN5YP/aKavT/DvbEvK9aobNI2B+el0LTGzkWJWXVfShNgpNcOJkeaNd1W:UXiP/aK2h9H/B+XgyHo2
Score

10^/10

sality backdoor upx
- Sality
  Sality is backdoor written in C++, first discovered in 2003.
  backdoor sality
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

salitybackdoorupx

© 2018-2025

Terms | Privacy