General

  • Target

    57bfe72b4bb4d2eb6fb1b3e11cdd521914504b7d07d83b4c0c8fb5b85d3862bf

  • Size

    4.4MB

  • Sample

    240219-3ve1gsgc58

  • MD5

    48c0d87bd8f0884a38c8fac99914afa7

  • SHA1

    3109f2fc8ec818d3769e427d891e8385ae92093c

  • SHA256

    57bfe72b4bb4d2eb6fb1b3e11cdd521914504b7d07d83b4c0c8fb5b85d3862bf

  • SHA512

    bbe30fe848926c8126ef0624bf550d039b4118a42133a3d3df58aacacfa13629b0b62fd07b92e51352f18f5fe638a799882800c291491b03624f800e6e56cc6f

  • SSDEEP

    3072:bc6A69aLeBTaAdurLEXBySTLwYst7Hv5bwbA53:46h9naAdu8vbKHxc4

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    Score
    10/10

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.
