General

  • Target

    70edbe1592e6e17efd89b7047399b688204a3693435b96f775e1abdd3cbb76db

  • Size

    4.5MB

  • Sample

    240220-bzsctsgg8x

  • MD5

    24011c684b61a25b2b4fdcec8633cd36

  • SHA1

    432cf8a23ad4dc4fb3b7b3abd62cf09c62f9c4c8

  • SHA256

    70edbe1592e6e17efd89b7047399b688204a3693435b96f775e1abdd3cbb76db

  • SHA512

    6026c3d18910f66d9b736a8678f71c00165fba2fe49fefde48943fee1f6ae7363676bfb994dff3b8db497192f07ad34789defcca1924e8b1f6a617299ba9f780

  • SSDEEP

    6144:DIZTK/5PUBjUJvMqK4/B4nkZFmJ1fshqLgTu8E049Y4k:DIxKh8pUo4/BK0FsshEOug4W4k

Score
10/10

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
