General

  • Target

    6e607519aafc474e8dc5a1c8413efad2ff939c22cddc6f02521dbf0a13268d7e

  • Size

    1.4MB

  • Sample

    240219-zbwbksdb73

  • MD5

    5fb79344063e50b67af92c58896b7b28

  • SHA1

    0ed192152138970e8921fb7adc293c5b0f8d3cf6

  • SHA256

    6e607519aafc474e8dc5a1c8413efad2ff939c22cddc6f02521dbf0a13268d7e

  • SHA512

    a2bc3e0e417f68a83a7a12a3f3c45c8c9df622063db843348fb8b0cc646ec628f893133e9b08153db24e9019fdc713b40e905ca351652a83dada5e73c1b7130d

  • SSDEEP

    6144:MeK/M4ej8Csgjl9DaMcJ6R8Jr8Wp6vaNaLHeo:5oMePMr8Jrrp6vsaLH

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif
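The hashes and C2 URLs above are the indicators a responder pivots on. The Python below is an added example, not part of this report or of any sandbox tooling: it compares a local file against the report's four digests and scans Squid-style proxy log lines for requests to the listed Sality C2 hosts. The log lines, client addresses and timestamps are constructed for the example, and matching on host rather than full URL is a design choice (the beacon path can vary, the host does not).

```python
import hashlib
import re
from urllib.parse import urlsplit

# Indicators copied from the report: digests of the sample and the extracted Sality C2 URLs.
REPORT_HASHES = {
    "md5": "5fb79344063e50b67af92c58896b7b28",
    "sha1": "0ed192152138970e8921fb7adc293c5b0f8d3cf6",
    "sha256": "6e607519aafc474e8dc5a1c8413efad2ff939c22cddc6f02521dbf0a13268d7e",
    "sha512": "a2bc3e0e417f68a83a7a12a3f3c45c8c9df622063db843348fb8b0cc646ec628f893133e9b08153db24e9019fdc713b40e905ca351652a83dada5e73c1b7130d",
}
SALITY_C2_URLS = [
    "http://89.119.67.154/testo5/",
    "http://kukutrustnet777.info/home.gif",
    "http://kukutrustnet888.info/home.gif",
    "http://kukutrustnet987.info/home.gif",
]


def file_hashes(data: bytes) -> dict:
    """Compute the same four digests the report lists, so a local file can be compared to it."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def matches_report(data: bytes) -> bool:
    """True only if every digest matches; one mismatch means this is not the analysed sample."""
    return file_hashes(data) == REPORT_HASHES


def check_file(path: str) -> bool:
    with open(path, "rb") as fh:
        return matches_report(fh.read())


def c2_hosts(urls) -> set:
    """Hosts (or literal IPs) of the C2 URLs; the path is deliberately ignored."""
    return {urlsplit(u).hostname.lower() for u in urls}


# Squid native access.log layout (assumed format):
# time elapsed client action/code size method URL ident hierarchy/peer type
LOG_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+\d+\s+(?P<client>\S+)\s+\S+\s+\d+\s+(?P<method>\S+)\s+(?P<url>\S+)"
)

# Constructed log lines for this example; the client addresses and timestamps are invented.
PROXY_LOG = """\
1708300001.104    312 10.0.0.15 TCP_MISS/200 1320 GET http://kukutrustnet777.info/home.gif - HIER_DIRECT/203.0.113.9 image/gif
1708300002.551     40 10.0.0.22 TCP_HIT/200 5120 GET http://www.example.com/index.html - HIER_NONE/- text/html
1708300003.002    507 10.0.0.15 TCP_MISS/404 410 GET http://89.119.67.154/testo5/ - HIER_DIRECT/89.119.67.154 text/html
1708300004.719     88 10.0.0.31 TCP_MISS/200 2210 POST http://www.example.org/api/login - HIER_DIRECT/198.51.100.7 application/json
"""


def find_c2_hits(log_text: str, c2_urls=SALITY_C2_URLS) -> list:
    """Return (client, url) for every request whose host is one of the report's C2 hosts."""
    hosts = c2_hosts(c2_urls)
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed or non-Squid lines rather than abort the scan
        host = urlsplit(m.group("url")).hostname
        if host and host.lower() in hosts:
            hits.append((m.group("client"), m.group("url")))
    return hits


if __name__ == "__main__":
    for client, url in find_c2_hits(PROXY_LOG):
        print(f"C2 contact from {client}: {url}")
```

Run against real proxy logs, the host set is the part worth keeping: the two hits in the constructed log come from the same internal client, which is the host to pull for the file-infector cleanup described under the Sality signature.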

Targets

    • Target

      6e607519aafc474e8dc5a1c8413efad2ff939c22cddc6f02521dbf0a13268d7e

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003. It is also a polymorphic file infector: it appends itself to executables on the host and joins infected machines to a peer-to-peer botnet, so a hit on one file usually means other executables on the same system are infected too.

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer. Modified builds commonly rename the UPX0/UPX1 sections, so a section-name match alone does not rule UPX out.
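The signature above flags UPX, including modified builds. The Python below is an added example of the static checks such a signature rests on; it is not the sandbox's own detector. It walks the PE section table for the UPX0/UPX1/UPX2 names, looks for the "UPX!" magic that UPX writes into its l_info header, and reports per-section Shannon entropy, which is the signal that survives when a modified build renames the sections. The sample images are constructed inline by a small builder and are not real executables; the 7.0 bits/byte entropy threshold is an assumption, not a standard.

```python
import math
import struct
from collections import Counter

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}
UPX_MAGIC = b"UPX!"   # l_magic field of UPX's l_info header, present in stock UPX output
HIGH_ENTROPY = 7.0    # assumed threshold (bits/byte) for "compressed or encrypted" section data


def shannon_entropy(buf: bytes) -> float:
    """Bits of entropy per byte: 8.0 for uniformly distributed bytes, 0.0 for a constant run."""
    if not buf:
        return 0.0
    n = len(buf)
    return 0.0 - sum(c / n * math.log2(c / n) for c in Counter(buf).values())


def pe_sections(data: bytes) -> list:
    """Parse the PE section table; return name, raw size/offset and entropy for each section."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)          # offset of the PE header
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                                          # COFF file header (20 bytes)
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)      # SizeOfOptionalHeader
    table = coff + 20 + opt_size                                 # section table follows the optional header
    sections = []
    for i in range(num_sections):
        hdr = table + i * 40                                     # IMAGE_SECTION_HEADER is 40 bytes
        name = data[hdr:hdr + 8].rstrip(b"\0")
        raw_size, raw_ptr = struct.unpack_from("<II", data, hdr + 16)  # SizeOfRawData, PointerToRawData
        raw = data[raw_ptr:raw_ptr + raw_size]
        sections.append({"name": name, "raw_size": raw_size, "raw_ptr": raw_ptr,
                         "entropy": round(shannon_entropy(raw), 2)})
    return sections


def looks_upx_packed(data: bytes) -> dict:
    """Combine the three heuristics; 'verdict' is UPX-specific, 'high_entropy_section' is packer-agnostic."""
    sections = pe_sections(data)
    by_name = any(s["name"] in UPX_SECTION_NAMES for s in sections)
    by_magic = UPX_MAGIC in data
    by_entropy = any(s["raw_size"] > 0 and s["entropy"] >= HIGH_ENTROPY for s in sections)
    return {"sections": sections, "upx_section_names": by_name, "upx_magic": by_magic,
            "high_entropy_section": by_entropy, "verdict": by_name or by_magic}


def build_minimal_pe(sections: list) -> bytes:
    """Constructed, non-executable PE image with the given (name, raw bytes) sections, for testing only."""
    n = len(sections)
    opt_size = 224                                               # PE32 optional header size; contents zeroed
    headers_len = 64 + 4 + 20 + opt_size + 40 * n
    mz = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)             # e_lfanew at 0x3C points at offset 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, n, 0, 0, 0, opt_size, 0x0102)
    table, body, raw_ptr = b"", b"", headers_len
    for name, raw in sections:
        table += name.ljust(8, b"\0") + struct.pack("<IIII", len(raw), 0x1000, len(raw), raw_ptr) + b"\0" * 16
        body += raw
        raw_ptr += len(raw)
    return mz + b"PE\0\0" + coff + b"\0" * opt_size + table + body


# Constructed samples: stock UPX layout, a renamed-section build, and an unpacked image.
PACKED_SAMPLE = build_minimal_pe([
    (b"UPX0", b""),
    (b"UPX1", bytes(range(256)) * 16),   # uniformly distributed bytes: entropy exactly 8.0
    (b".rsrc", b"\0" * 256),
])
RENAMED_SAMPLE = build_minimal_pe([     # sections renamed, but the l_info magic was left in place
    (b".text", UPX_MAGIC + bytes(range(256)) * 16),
    (b".data", b"\0" * 256),
])
CLEAN_SAMPLE = build_minimal_pe([
    (b".text", b"\x90" * 4096),
    (b".data", b"\0" * 256),
])

if __name__ == "__main__":
    for label, img in (("packed", PACKED_SAMPLE), ("renamed", RENAMED_SAMPLE), ("clean", CLEAN_SAMPLE)):
        r = looks_upx_packed(img)
        print(label, r["verdict"], [(s["name"], s["entropy"]) for s in r["sections"]])
```

On a real sample, pass the file contents to `looks_upx_packed`; a high-entropy section with neither the names nor the magic is the case the signature's "modified UPX" wording covers, and the only reliable confirmation there is unpacking it.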
