General

  • Target

    896b07995817360f72db1d9ad0b78fddb36118b062abe3d76db0e0a2d2e5a358

  • Size

    2.5MB

  • Sample

    240218-s154rabg2w

  • MD5

    24fd64152ab357c7f4fd45706ca3a4c2

  • SHA1

    8dd0fd4eafaae570848e6825f8283a40df348754

  • SHA256

    896b07995817360f72db1d9ad0b78fddb36118b062abe3d76db0e0a2d2e5a358

  • SHA512

    cffb3cb63898876ca166deb67886c6f7e45bf9a693df5e5068f4cf135e5e3a0f94ae05202e4fc9c84c1da3d18165ce5f801e5e7cb28b3999fa6fcd7595032a9d

  • SSDEEP

    12288:YnbxbNhGnxyijzmbNhGnxyijzdNymNc+gZ4Bp:YNrQNymNc+24p

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    Score
    10/10

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.
