General
-
Target
7cba69a1e9801e9c4024f08237ffd7fc6d0f2fcb015e869d5bc5310390c78b5a
-
Size
2.7MB
-
Sample
240218-t2tmsacf82
-
MD5
338326774a9efd69c10cf7526a098f43
-
SHA1
d6de994e8d86a0e33765aa7ee5a0133de227540f
-
SHA256
7cba69a1e9801e9c4024f08237ffd7fc6d0f2fcb015e869d5bc5310390c78b5a
-
SHA512
bff2c2408bb8c46fbd04a39b917e8e8e86277257719a573ae6a9c82be7c030622ca1ce895d31a239dd760af9830d8ea1725609ecef9792ee324d7bc9492d30a4
-
SSDEEP
49152:GyG3tQ7ZMxg0K/th7KV8gbXHA/nTJF6f:Gy37R2g/nTJF2
Static task
static1
Behavioral task
behavioral1
Sample
7cba69a1e9801e9c4024f08237ffd7fc6d0f2fcb015e869d5bc5310390c78b5a.exe
Resource
win7-20231215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
7cba69a1e9801e9c4024f08237ffd7fc6d0f2fcb015e869d5bc5310390c78b5a
-
Size
2.7MB
-
MD5
338326774a9efd69c10cf7526a098f43
-
SHA1
d6de994e8d86a0e33765aa7ee5a0133de227540f
-
SHA256
7cba69a1e9801e9c4024f08237ffd7fc6d0f2fcb015e869d5bc5310390c78b5a
-
SHA512
bff2c2408bb8c46fbd04a39b917e8e8e86277257719a573ae6a9c82be7c030622ca1ce895d31a239dd760af9830d8ea1725609ecef9792ee324d7bc9492d30a4
-
SSDEEP
49152:GyG3tQ7ZMxg0K/th7KV8gbXHA/nTJF6f:Gy37R2g/nTJF2
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
5