General
-
Target
18c879b11fa83d12fd6c6eb8a1c94b7beb0bb6c1d835da20a6dd73e808aa3968
-
Size
2.3MB
-
Sample
240220-sdvphaab6x
-
MD5
546872a89304878011e77f2c701d49fb
-
SHA1
997975da31104e251c299c300039c928c4fe9b69
-
SHA256
18c879b11fa83d12fd6c6eb8a1c94b7beb0bb6c1d835da20a6dd73e808aa3968
-
SHA512
7769f5c0b041f1f2809e7a860930327ff6f77513f3d0de791d48ce1a3e93b1b02ede4a0953acda416820b15ac6e588f8c7b7101cbedb9a39e6a30dfc0adc5bb3
-
SSDEEP
49152:BLDG5Gyz75LYZKbY+WNojkCNEerPAPO19RE5fCm:BLDG5vz75LgKbYVYkAkPOo
Static task
static1
Behavioral task
behavioral1
Sample
18c879b11fa83d12fd6c6eb8a1c94b7beb0bb6c1d835da20a6dd73e808aa3968.exe
Resource
win7-20231215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
18c879b11fa83d12fd6c6eb8a1c94b7beb0bb6c1d835da20a6dd73e808aa3968
-
Modifies firewall policy service
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)