General

  • Target

    3f439feea43b7aacde3516f39387ba02

  • Size

    200KB

  • Sample

    231225-143rssghdn

  • MD5

    3f439feea43b7aacde3516f39387ba02

  • SHA1

    2ca9348209f83fec57c73206dfbd9b917f2c0956

  • SHA256

    16cf862fe764370e96cc4df252a8df9f5bdde52958d2be0e628fcbb64dc6e5b9

  • SHA512

    cb4d1ad89235fe16357a940041813f56c859f9b9eee3d02142c798af20a447d0414a61474a60a7ce05d3ff622bed34de21fb9db5c7ec7b077674f10dddb39047

  • SSDEEP

    3072:h9Jb3B2WXq85Xi+KxtAEyerA9XNh4K2DG+QCiYUMvvZAgBpJSb79V3Sz8LlYcLc2:h9Jb5a2i+6leYdbfJo

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

http://www.klkjwre9fqwieluoi.info/

http://kukutrustnet777888.info/

Targets

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
